//===----------------------------------------------------------------------===//
//
// This source file is part of the Soto for AWS open source project
//
// Copyright (c) 2017-2024 the Soto project authors
// Licensed under Apache License v2.0
//
// See LICENSE.txt for license information
// See CONTRIBUTORS.txt for the list of Soto project authors
//
// SPDX-License-Identifier: Apache-2.0
//
//===----------------------------------------------------------------------===//

// THIS FILE IS AUTOMATICALLY GENERATED by https://github.com/soto-project/soto-codegenerator.
// DO NOT EDIT.

#if canImport(FoundationEssentials)
import FoundationEssentials
#else
import Foundation
#endif
@_spi(SotoInternal) import SotoCore

extension S3Control {
    // MARK: Enums

    public enum AsyncOperationName: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case createMultiRegionAccessPoint = "CreateMultiRegionAccessPoint"
        case deleteMultiRegionAccessPoint = "DeleteMultiRegionAccessPoint"
        case putMultiRegionAccessPointPolicy = "PutMultiRegionAccessPointPolicy"
        public var description: String { return self.rawValue }
    }

    public enum BucketCannedACL: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case `private` = "private"
        case authenticatedRead = "authenticated-read"
        case publicRead = "public-read"
        case publicReadWrite = "public-read-write"
        public var description: String { return self.rawValue }
    }

    public struct BucketLocationConstraint: RawRepresentable, Equatable, Codable, Sendable, CodingKeyRepresentable {
        public var rawValue: String

        public init(rawValue: String) {
            self.rawValue = rawValue
        }

        public static var apNortheast1: Self { .init(rawValue: "ap-northeast-1") }
        public static var apSouth1: Self { .init(rawValue: "ap-south-1") }
        public static var apSoutheast1: Self { .init(rawValue: "ap-southeast-1") }
        public static var apSoutheast2: Self { .init(rawValue: "ap-southeast-2") }
        public static var cnNorth1: Self { .init(rawValue: "cn-north-1") }
        public static var eu: Self { .init(rawValue: "EU") }
        public static var euCentral1: Self { .init(rawValue: "eu-central-1") }
        public static var euWest1: Self { .init(rawValue: "eu-west-1") }
        public static var saEast1: Self { .init(rawValue: "sa-east-1") }
        public static var usEast1: Self { .init(rawValue: "us_east_1") }
        public static var usWest1: Self { .init(rawValue: "us-west-1") }
        public static var usWest2: Self { .init(rawValue: "us-west-2") }
    }

    public enum BucketVersioningStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case enabled = "Enabled"
        case suspended = "Suspended"
        public var description: String { return self.rawValue }
    }

    public enum DeleteMarkerReplicationStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "Disabled"
        case enabled = "Enabled"
        public var description: String { return self.rawValue }
    }

    public enum ExistingObjectReplicationStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "Disabled"
        case enabled = "Enabled"
        public var description: String { return self.rawValue }
    }

    public enum ExpirationStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "Disabled"
        case enabled = "Enabled"
        public var description: String { return self.rawValue }
    }

    public enum Format: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case csv = "CSV"
        case parquet = "Parquet"
        public var description: String { return self.rawValue }
    }

    public enum GeneratedManifestFormat: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case s3InventoryReportCSV20211130 = "S3InventoryReport_CSV_20211130"
        public var description: String { return self.rawValue }
    }

    public enum GranteeType: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case directoryGroup = "DIRECTORY_GROUP"
        case directoryUser = "DIRECTORY_USER"
        case iam = "IAM"
        public var description: String { return self.rawValue }
    }

    public enum JobManifestFieldName: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case bucket = "Bucket"
        case ignore = "Ignore"
        case key = "Key"
        case versionId = "VersionId"
        public var description: String { return self.rawValue }
    }

    public enum JobManifestFormat: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case s3BatchOperationsCSV20180820 = "S3BatchOperations_CSV_20180820"
        case s3InventoryReportCSV20161130 = "S3InventoryReport_CSV_20161130"
        public var description: String { return self.rawValue }
    }

    public enum JobReportFormat: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case reportCSV20180820 = "Report_CSV_20180820"
        public var description: String { return self.rawValue }
    }

    public enum JobReportScope: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case allTasks = "AllTasks"
        case failedTasksOnly = "FailedTasksOnly"
        public var description: String { return self.rawValue }
    }

    public enum JobStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case active = "Active"
        case cancelled = "Cancelled"
        case cancelling = "Cancelling"
        case complete = "Complete"
        case completing = "Completing"
        case failed = "Failed"
        case failing = "Failing"
        case new = "New"
        case paused = "Paused"
        case pausing = "Pausing"
        case preparing = "Preparing"
        case ready = "Ready"
        case suspended = "Suspended"
        public var description: String { return self.rawValue }
    }

    public enum MFADelete: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "Disabled"
        case enabled = "Enabled"
        public var description: String { return self.rawValue }
    }

    public enum MFADeleteStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "Disabled"
        case enabled = "Enabled"
        public var description: String { return self.rawValue }
    }

    public enum MetricsStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "Disabled"
        case enabled = "Enabled"
        public var description: String { return self.rawValue }
    }

    public enum MultiRegionAccessPointStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case creating = "CREATING"
        case deleting = "DELETING"
        case inconsistentAcrossRegions = "INCONSISTENT_ACROSS_REGIONS"
        case partiallyCreated = "PARTIALLY_CREATED"
        case partiallyDeleted = "PARTIALLY_DELETED"
        case ready = "READY"
        public var description: String { return self.rawValue }
    }

    public enum NetworkOrigin: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case internet = "Internet"
        case vpc = "VPC"
        public var description: String { return self.rawValue }
    }

    public enum ObjectLambdaAccessPointAliasStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case provisioning = "PROVISIONING"
        case ready = "READY"
        public var description: String { return self.rawValue }
    }

    public enum ObjectLambdaAllowedFeature: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case getObjectPartNumber = "GetObject-PartNumber"
        case getObjectRange = "GetObject-Range"
        case headObjectPartNumber = "HeadObject-PartNumber"
        case headObjectRange = "HeadObject-Range"
        public var description: String { return self.rawValue }
    }

    public enum ObjectLambdaTransformationConfigurationAction: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case getObject = "GetObject"
        case headObject = "HeadObject"
        case listObjects = "ListObjects"
        case listObjectsV2 = "ListObjectsV2"
        public var description: String { return self.rawValue }
    }

    public enum OperationName: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case lambdaInvoke = "LambdaInvoke"
        case s3DeleteObjectTagging = "S3DeleteObjectTagging"
        case s3InitiateRestoreObject = "S3InitiateRestoreObject"
        case s3PutObjectAcl = "S3PutObjectAcl"
        case s3PutObjectCopy = "S3PutObjectCopy"
        case s3PutObjectLegalHold = "S3PutObjectLegalHold"
        case s3PutObjectRetention = "S3PutObjectRetention"
        case s3PutObjectTagging = "S3PutObjectTagging"
        case s3ReplicateObject = "S3ReplicateObject"
        public var description: String { return self.rawValue }
    }

    public enum OutputSchemaVersion: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case v1 = "V_1"
        public var description: String { return self.rawValue }
    }

    public enum OwnerOverride: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case destination = "Destination"
        public var description: String { return self.rawValue }
    }

    public enum Permission: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case read = "READ"
        case readwrite = "READWRITE"
        case write = "WRITE"
        public var description: String { return self.rawValue }
    }

    public enum Privilege: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case `default` = "Default"
        case minimal = "Minimal"
        public var description: String { return self.rawValue }
    }

    public enum ReplicaModificationsStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "Disabled"
        case enabled = "Enabled"
        public var description: String { return self.rawValue }
    }

    public enum ReplicationRuleStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "Disabled"
        case enabled = "Enabled"
        public var description: String { return self.rawValue }
    }

    public enum ReplicationStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case completed = "COMPLETED"
        case failed = "FAILED"
        case none = "NONE"
        case replica = "REPLICA"
        public var description: String { return self.rawValue }
    }

    public enum ReplicationStorageClass: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case deepArchive = "DEEP_ARCHIVE"
        case glacier = "GLACIER"
        case glacierIr = "GLACIER_IR"
        case intelligentTiering = "INTELLIGENT_TIERING"
        case onezoneIa = "ONEZONE_IA"
        case outposts = "OUTPOSTS"
        case reducedRedundancy = "REDUCED_REDUNDANCY"
        case standard = "STANDARD"
        case standardIa = "STANDARD_IA"
        public var description: String { return self.rawValue }
    }

    public enum ReplicationTimeStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "Disabled"
        case enabled = "Enabled"
        public var description: String { return self.rawValue }
    }

    public enum RequestedJobStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case cancelled = "Cancelled"
        case ready = "Ready"
        public var description: String { return self.rawValue }
    }

    public enum S3CannedAccessControlList: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case `private` = "private"
        case authenticatedRead = "authenticated-read"
        case awsExecRead = "aws-exec-read"
        case bucketOwnerFullControl = "bucket-owner-full-control"
        case bucketOwnerRead = "bucket-owner-read"
        case publicRead = "public-read"
        case publicReadWrite = "public-read-write"
        public var description: String { return self.rawValue }
    }

    public enum S3ChecksumAlgorithm: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case crc32 = "CRC32"
        case crc32c = "CRC32C"
        case crc64nvme = "CRC64NVME"
        case sha1 = "SHA1"
        case sha256 = "SHA256"
        public var description: String { return self.rawValue }
    }

    public enum S3GlacierJobTier: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case bulk = "BULK"
        case standard = "STANDARD"
        public var description: String { return self.rawValue }
    }

    public enum S3GranteeTypeIdentifier: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case canonical = "id"
        case emailAddress = "emailAddress"
        case group = "uri"
        public var description: String { return self.rawValue }
    }

    public enum S3MetadataDirective: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case copy = "COPY"
        case replace = "REPLACE"
        public var description: String { return self.rawValue }
    }

    public enum S3ObjectLockLegalHoldStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case off = "OFF"
        case on = "ON"
        public var description: String { return self.rawValue }
    }

    public enum S3ObjectLockMode: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case compliance = "COMPLIANCE"
        case governance = "GOVERNANCE"
        public var description: String { return self.rawValue }
    }

    public enum S3ObjectLockRetentionMode: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case compliance = "COMPLIANCE"
        case governance = "GOVERNANCE"
        public var description: String { return self.rawValue }
    }

    public enum S3Permission: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case fullControl = "FULL_CONTROL"
        case read = "READ"
        case readAcp = "READ_ACP"
        case write = "WRITE"
        case writeAcp = "WRITE_ACP"
        public var description: String { return self.rawValue }
    }

    public enum S3PrefixType: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case object = "Object"
        public var description: String { return self.rawValue }
    }

    public enum S3SSEAlgorithm: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case aes256 = "AES256"
        case kms = "KMS"
        public var description: String { return self.rawValue }
    }

    public enum S3StorageClass: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case deepArchive = "DEEP_ARCHIVE"
        case glacier = "GLACIER"
        case glacierIr = "GLACIER_IR"
        case intelligentTiering = "INTELLIGENT_TIERING"
        case onezoneIa = "ONEZONE_IA"
        case standard = "STANDARD"
        case standardIa = "STANDARD_IA"
        public var description: String { return self.rawValue }
    }

    public enum ScopePermission: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case abortMultipartUpload = "AbortMultipartUpload"
        case deleteObject = "DeleteObject"
        case getObject = "GetObject"
        case getObjectAttributes = "GetObjectAttributes"
        case listBucket = "ListBucket"
        case listBucketMultipartUploads = "ListBucketMultipartUploads"
        case listMultipartUploadParts = "ListMultipartUploadParts"
        case putObject = "PutObject"
        public var description: String { return self.rawValue }
    }

    public enum SseKmsEncryptedObjectsStatus: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case disabled = "Disabled"
        case enabled = "Enabled"
        public var description: String { return self.rawValue }
    }

    public enum TransitionStorageClass: String, CustomStringConvertible, Codable, Sendable, CodingKeyRepresentable {
        case deepArchive = "DEEP_ARCHIVE"
        case glacier = "GLACIER"
        case intelligentTiering = "INTELLIGENT_TIERING"
        case onezoneIa = "ONEZONE_IA"
        case standardIa = "STANDARD_IA"
        public var description: String { return self.rawValue }
    }

    // MARK: Shapes

    public struct AbortIncompleteMultipartUpload: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload to the Outposts bucket.
        public let daysAfterInitiation: Int?

        @inlinable
        public init(daysAfterInitiation: Int? = nil) {
            self.daysAfterInitiation = daysAfterInitiation
        }

        private enum CodingKeys: String, CodingKey {
            case daysAfterInitiation = "DaysAfterInitiation"
        }
    }

    public struct AccessControlTranslation: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the replica ownership.
        public let owner: OwnerOverride

        @inlinable
        public init(owner: OwnerOverride) {
            self.owner = owner
        }

        private enum CodingKeys: String, CodingKey {
            case owner = "Owner"
        }
    }

    public struct AccessGrantsLocationConfiguration: AWSEncodableShape & AWSDecodableShape {
        /// The S3SubPrefix is appended to the location scope creating the grant scope. Use this field to narrow the scope of the grant to a subset of the location scope. This field is required if the location scope is the default location s3:// because you cannot create a grant for all of your S3 data in the Region and must narrow the scope. For example, if the location scope is the default location s3://, the S3SubPrefx can be a /*, so the full grant scope path would be s3:///*. Or the S3SubPrefx can be /*, so the full grant scope path would be or s3:///*. If the S3SubPrefix includes a prefix, append the wildcard character * after the prefix to indicate that you want to include all object key names in the bucket that start with that prefix.
        public let s3SubPrefix: String?

        @inlinable
        public init(s3SubPrefix: String? = nil) {
            self.s3SubPrefix = s3SubPrefix
        }

        public func validate(name: String) throws {
            try self.validate(self.s3SubPrefix, name: "s3SubPrefix", parent: name, max: 2000)
            try self.validate(self.s3SubPrefix, name: "s3SubPrefix", parent: name, min: 1)
            try self.validate(self.s3SubPrefix, name: "s3SubPrefix", parent: name, pattern: "^.+$")
        }

        private enum CodingKeys: String, CodingKey {
            case s3SubPrefix = "S3SubPrefix"
        }
    }

    public struct AccessPoint: AWSDecodableShape {
        /// The ARN for the access point.
        public let accessPointArn: String?
        /// The name or alias of the access point.
        public let alias: String?
        /// The name of the bucket associated with this access point.
        public let bucket: String
        /// The Amazon Web Services account ID associated with the S3 bucket associated with this access point.
        public let bucketAccountId: String?
        /// A unique identifier for the data source of the access point.
        public let dataSourceId: String?
        /// The type of the data source that the access point is attached to.
        public let dataSourceType: String?
        /// The name of this access point.
        public let name: String
        /// Indicates whether this access point allows access from the public internet. If VpcConfiguration is specified for this access point, then NetworkOrigin is VPC, and the access point doesn't allow access from the public internet. Otherwise, NetworkOrigin is Internet, and the access point allows access from the public internet, subject to the access point and bucket access policies.
        public let networkOrigin: NetworkOrigin
        /// The virtual private cloud (VPC) configuration for this access point, if one exists.  This element is empty if this access point is an Amazon S3 on Outposts access point that is used by other Amazon Web Services services.
        public let vpcConfiguration: VpcConfiguration?

        @inlinable
        public init(accessPointArn: String? = nil, alias: String? = nil, bucket: String, bucketAccountId: String? = nil, dataSourceId: String? = nil, dataSourceType: String? = nil, name: String, networkOrigin: NetworkOrigin, vpcConfiguration: VpcConfiguration? = nil) {
            self.accessPointArn = accessPointArn
            self.alias = alias
            self.bucket = bucket
            self.bucketAccountId = bucketAccountId
            self.dataSourceId = dataSourceId
            self.dataSourceType = dataSourceType
            self.name = name
            self.networkOrigin = networkOrigin
            self.vpcConfiguration = vpcConfiguration
        }

        private enum CodingKeys: String, CodingKey {
            case accessPointArn = "AccessPointArn"
            case alias = "Alias"
            case bucket = "Bucket"
            case bucketAccountId = "BucketAccountId"
            case dataSourceId = "DataSourceId"
            case dataSourceType = "DataSourceType"
            case name = "Name"
            case networkOrigin = "NetworkOrigin"
            case vpcConfiguration = "VpcConfiguration"
        }
    }

    public struct AccountLevel: AWSEncodableShape & AWSDecodableShape {
        /// A container element for S3 Storage Lens activity metrics.
        public let activityMetrics: ActivityMetrics?
        /// A container element for S3 Storage Lens advanced cost-optimization metrics.
        public let advancedCostOptimizationMetrics: AdvancedCostOptimizationMetrics?
        /// A container element for S3 Storage Lens advanced data-protection metrics.
        public let advancedDataProtectionMetrics: AdvancedDataProtectionMetrics?
        /// A container element for the S3 Storage Lens bucket-level configuration.
        public let bucketLevel: BucketLevel
        /// A container element for detailed status code metrics.
        public let detailedStatusCodesMetrics: DetailedStatusCodesMetrics?
        /// A container element for S3 Storage Lens groups metrics.
        public let storageLensGroupLevel: StorageLensGroupLevel?

        @inlinable
        public init(activityMetrics: ActivityMetrics? = nil, advancedCostOptimizationMetrics: AdvancedCostOptimizationMetrics? = nil, advancedDataProtectionMetrics: AdvancedDataProtectionMetrics? = nil, bucketLevel: BucketLevel, detailedStatusCodesMetrics: DetailedStatusCodesMetrics? = nil, storageLensGroupLevel: StorageLensGroupLevel? = nil) {
            self.activityMetrics = activityMetrics
            self.advancedCostOptimizationMetrics = advancedCostOptimizationMetrics
            self.advancedDataProtectionMetrics = advancedDataProtectionMetrics
            self.bucketLevel = bucketLevel
            self.detailedStatusCodesMetrics = detailedStatusCodesMetrics
            self.storageLensGroupLevel = storageLensGroupLevel
        }

        public func validate(name: String) throws {
            try self.bucketLevel.validate(name: "\(name).bucketLevel")
            try self.storageLensGroupLevel?.validate(name: "\(name).storageLensGroupLevel")
        }

        private enum CodingKeys: String, CodingKey {
            case activityMetrics = "ActivityMetrics"
            case advancedCostOptimizationMetrics = "AdvancedCostOptimizationMetrics"
            case advancedDataProtectionMetrics = "AdvancedDataProtectionMetrics"
            case bucketLevel = "BucketLevel"
            case detailedStatusCodesMetrics = "DetailedStatusCodesMetrics"
            case storageLensGroupLevel = "StorageLensGroupLevel"
        }
    }

    public struct ActivityMetrics: AWSEncodableShape & AWSDecodableShape {
        /// A container that indicates whether activity metrics are enabled.
        public let isEnabled: Bool?

        @inlinable
        public init(isEnabled: Bool? = nil) {
            self.isEnabled = isEnabled
        }

        private enum CodingKeys: String, CodingKey {
            case isEnabled = "IsEnabled"
        }
    }

    public struct AdvancedCostOptimizationMetrics: AWSEncodableShape & AWSDecodableShape {
        /// A container that indicates whether advanced cost-optimization metrics are enabled.
        public let isEnabled: Bool?

        @inlinable
        public init(isEnabled: Bool? = nil) {
            self.isEnabled = isEnabled
        }

        private enum CodingKeys: String, CodingKey {
            case isEnabled = "IsEnabled"
        }
    }

    public struct AdvancedDataProtectionMetrics: AWSEncodableShape & AWSDecodableShape {
        /// A container that indicates whether advanced data-protection metrics are enabled.
        public let isEnabled: Bool?

        @inlinable
        public init(isEnabled: Bool? = nil) {
            self.isEnabled = isEnabled
        }

        private enum CodingKeys: String, CodingKey {
            case isEnabled = "IsEnabled"
        }
    }

    public struct AssociateAccessGrantsIdentityCenterRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String
        /// The Amazon Resource Name (ARN) of the Amazon Web Services IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the ListInstances API operation to retrieve a list of your Identity Center instances and their ARNs.
        public let identityCenterArn: String

        @inlinable
        public init(accountId: String, identityCenterArn: String) {
            self.accountId = accountId
            self.identityCenterArn = identityCenterArn
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encode(self.identityCenterArn, forKey: .identityCenterArn)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.identityCenterArn, name: "identityCenterArn", parent: name, max: 1224)
            try self.validate(self.identityCenterArn, name: "identityCenterArn", parent: name, min: 10)
            try self.validate(self.identityCenterArn, name: "identityCenterArn", parent: name, pattern: "^arn:[^:]+:sso::(\\d{12}){0,1}:instance/.*$")
        }

        private enum CodingKeys: String, CodingKey {
            case identityCenterArn = "IdentityCenterArn"
        }
    }

    public struct AsyncErrorDetails: AWSDecodableShape {
        /// A string that uniquely identifies the error condition.
        public let code: String?
        /// A generic description of the error condition in English.
        public let message: String?
        /// The ID of the request associated with the error.
        public let requestId: String?
        /// The identifier of the resource associated with the error.
        public let resource: String?

        @inlinable
        public init(code: String? = nil, message: String? = nil, requestId: String? = nil, resource: String? = nil) {
            self.code = code
            self.message = message
            self.requestId = requestId
            self.resource = resource
        }

        private enum CodingKeys: String, CodingKey {
            case code = "Code"
            case message = "Message"
            case requestId = "RequestId"
            case resource = "Resource"
        }
    }

    public struct AsyncOperation: AWSDecodableShape {
        /// The time that the request was sent to the service.
        public let creationTime: Date?
        /// The specific operation for the asynchronous request.
        public let operation: AsyncOperationName?
        /// The parameters associated with the request.
        public let requestParameters: AsyncRequestParameters?
        /// The current status of the request.
        public let requestStatus: String?
        /// The request token associated with the request.
        public let requestTokenARN: String?
        /// The details of the response.
        public let responseDetails: AsyncResponseDetails?

        @inlinable
        public init(creationTime: Date? = nil, operation: AsyncOperationName? = nil, requestParameters: AsyncRequestParameters? = nil, requestStatus: String? = nil, requestTokenARN: String? = nil, responseDetails: AsyncResponseDetails? = nil) {
            self.creationTime = creationTime
            self.operation = operation
            self.requestParameters = requestParameters
            self.requestStatus = requestStatus
            self.requestTokenARN = requestTokenARN
            self.responseDetails = responseDetails
        }

        private enum CodingKeys: String, CodingKey {
            case creationTime = "CreationTime"
            case operation = "Operation"
            case requestParameters = "RequestParameters"
            case requestStatus = "RequestStatus"
            case requestTokenARN = "RequestTokenARN"
            case responseDetails = "ResponseDetails"
        }
    }

    public struct AsyncRequestParameters: AWSDecodableShape {
        /// A container of the parameters for a CreateMultiRegionAccessPoint request.
        public let createMultiRegionAccessPointRequest: CreateMultiRegionAccessPointInput?
        /// A container of the parameters for a DeleteMultiRegionAccessPoint request.
        public let deleteMultiRegionAccessPointRequest: DeleteMultiRegionAccessPointInput?
        /// A container of the parameters for a PutMultiRegionAccessPoint request.
        public let putMultiRegionAccessPointPolicyRequest: PutMultiRegionAccessPointPolicyInput?

        @inlinable
        public init(createMultiRegionAccessPointRequest: CreateMultiRegionAccessPointInput? = nil, deleteMultiRegionAccessPointRequest: DeleteMultiRegionAccessPointInput? = nil, putMultiRegionAccessPointPolicyRequest: PutMultiRegionAccessPointPolicyInput? = nil) {
            self.createMultiRegionAccessPointRequest = createMultiRegionAccessPointRequest
            self.deleteMultiRegionAccessPointRequest = deleteMultiRegionAccessPointRequest
            self.putMultiRegionAccessPointPolicyRequest = putMultiRegionAccessPointPolicyRequest
        }

        private enum CodingKeys: String, CodingKey {
            case createMultiRegionAccessPointRequest = "CreateMultiRegionAccessPointRequest"
            case deleteMultiRegionAccessPointRequest = "DeleteMultiRegionAccessPointRequest"
            case putMultiRegionAccessPointPolicyRequest = "PutMultiRegionAccessPointPolicyRequest"
        }
    }

    public struct AsyncResponseDetails: AWSDecodableShape {
        /// Error details for an asynchronous request.
        public let errorDetails: AsyncErrorDetails?
        /// The details for the Multi-Region Access Point.
        public let multiRegionAccessPointDetails: MultiRegionAccessPointsAsyncResponse?

        @inlinable
        public init(errorDetails: AsyncErrorDetails? = nil, multiRegionAccessPointDetails: MultiRegionAccessPointsAsyncResponse? = nil) {
            self.errorDetails = errorDetails
            self.multiRegionAccessPointDetails = multiRegionAccessPointDetails
        }

        private enum CodingKeys: String, CodingKey {
            case errorDetails = "ErrorDetails"
            case multiRegionAccessPointDetails = "MultiRegionAccessPointDetails"
        }
    }

    public struct AwsLambdaTransformation: AWSEncodableShape & AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the Lambda function.
        public let functionArn: String
        /// Additional JSON that provides supplemental data to the Lambda function used to transform objects.
        public let functionPayload: String?

        @inlinable
        public init(functionArn: String, functionPayload: String? = nil) {
            self.functionArn = functionArn
            self.functionPayload = functionPayload
        }

        public func validate(name: String) throws {
            try self.validate(self.functionArn, name: "functionArn", parent: name, max: 1024)
            try self.validate(self.functionArn, name: "functionArn", parent: name, min: 1)
            try self.validate(self.functionArn, name: "functionArn", parent: name, pattern: "^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?$")
        }

        private enum CodingKeys: String, CodingKey {
            case functionArn = "FunctionArn"
            case functionPayload = "FunctionPayload"
        }
    }

    public struct BucketLevel: AWSEncodableShape & AWSDecodableShape {
        /// A container for the bucket-level activity metrics for S3 Storage Lens.
        public let activityMetrics: ActivityMetrics?
        /// A container for bucket-level advanced cost-optimization metrics for S3 Storage Lens.
        public let advancedCostOptimizationMetrics: AdvancedCostOptimizationMetrics?
        /// A container for bucket-level advanced data-protection metrics for S3 Storage Lens.
        public let advancedDataProtectionMetrics: AdvancedDataProtectionMetrics?
        /// A container for bucket-level detailed status code metrics for S3 Storage Lens.
        public let detailedStatusCodesMetrics: DetailedStatusCodesMetrics?
        /// A container for the prefix-level metrics for S3 Storage Lens.
        public let prefixLevel: PrefixLevel?

        @inlinable
        public init(activityMetrics: ActivityMetrics? = nil, advancedCostOptimizationMetrics: AdvancedCostOptimizationMetrics? = nil, advancedDataProtectionMetrics: AdvancedDataProtectionMetrics? = nil, detailedStatusCodesMetrics: DetailedStatusCodesMetrics? = nil, prefixLevel: PrefixLevel? = nil) {
            self.activityMetrics = activityMetrics
            self.advancedCostOptimizationMetrics = advancedCostOptimizationMetrics
            self.advancedDataProtectionMetrics = advancedDataProtectionMetrics
            self.detailedStatusCodesMetrics = detailedStatusCodesMetrics
            self.prefixLevel = prefixLevel
        }

        public func validate(name: String) throws {
            try self.prefixLevel?.validate(name: "\(name).prefixLevel")
        }

        private enum CodingKeys: String, CodingKey {
            case activityMetrics = "ActivityMetrics"
            case advancedCostOptimizationMetrics = "AdvancedCostOptimizationMetrics"
            case advancedDataProtectionMetrics = "AdvancedDataProtectionMetrics"
            case detailedStatusCodesMetrics = "DetailedStatusCodesMetrics"
            case prefixLevel = "PrefixLevel"
        }
    }

    public struct CloudWatchMetrics: AWSEncodableShape & AWSDecodableShape {
        /// A container that indicates whether CloudWatch publishing for S3 Storage Lens metrics is enabled. A value of true indicates that CloudWatch publishing for S3 Storage Lens metrics is enabled.
        public let isEnabled: Bool

        @inlinable
        public init(isEnabled: Bool) {
            self.isEnabled = isEnabled
        }

        private enum CodingKeys: String, CodingKey {
            case isEnabled = "IsEnabled"
        }
    }

    public struct CreateAccessGrantRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        public struct _TagsEncoding: ArrayCoderProperties { public static let member = "Tag" }

        /// The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the S3SubPrefix field. The grant scope is the result of appending the subprefix to the location scope of the registered location.
        public let accessGrantsLocationConfiguration: AccessGrantsLocationConfiguration?
        /// The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.  If you are passing the default location, you cannot create an access grant for the entire default location. You must also specify a bucket or a bucket and prefix in the Subprefix field.
        public let accessGrantsLocationId: String
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String
        /// The Amazon Resource Name (ARN) of an Amazon Web Services IAM Identity Center application associated with your Identity Center instance. If an application ARN is included in the request to create an access grant, the grantee can only access the S3 data through this application.
        public let applicationArn: String?
        /// The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to Amazon Web Services IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.
        public let grantee: Grantee
        /// The type of access that you are granting to your S3 data, which can be set to one of the following values:    READ – Grant read-only access to the S3 data.    WRITE – Grant write-only access to the S3 data.    READWRITE – Grant both read and write access to the S3 data.
        public let permission: Permission
        /// The type of S3SubPrefix. The only possible value is Object. Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.
        public let s3PrefixType: S3PrefixType?
        /// The Amazon Web Services resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
        @OptionalCustomCoding<ArrayCoder<_TagsEncoding, Tag>>
        public var tags: [Tag]?

        @inlinable
        public init(accessGrantsLocationConfiguration: AccessGrantsLocationConfiguration? = nil, accessGrantsLocationId: String, accountId: String, applicationArn: String? = nil, grantee: Grantee, permission: Permission, s3PrefixType: S3PrefixType? = nil, tags: [Tag]? = nil) {
            self.accessGrantsLocationConfiguration = accessGrantsLocationConfiguration
            self.accessGrantsLocationId = accessGrantsLocationId
            self.accountId = accountId
            self.applicationArn = applicationArn
            self.grantee = grantee
            self.permission = permission
            self.s3PrefixType = s3PrefixType
            self.tags = tags
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            try container.encodeIfPresent(self.accessGrantsLocationConfiguration, forKey: .accessGrantsLocationConfiguration)
            try container.encode(self.accessGrantsLocationId, forKey: .accessGrantsLocationId)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encodeIfPresent(self.applicationArn, forKey: .applicationArn)
            try container.encode(self.grantee, forKey: .grantee)
            try container.encode(self.permission, forKey: .permission)
            try container.encodeIfPresent(self.s3PrefixType, forKey: .s3PrefixType)
            try container.encodeIfPresent(self.tags, forKey: .tags)
        }

        public func validate(name: String) throws {
            try self.accessGrantsLocationConfiguration?.validate(name: "\(name).accessGrantsLocationConfiguration")
            try self.validate(self.accessGrantsLocationId, name: "accessGrantsLocationId", parent: name, max: 64)
            try self.validate(self.accessGrantsLocationId, name: "accessGrantsLocationId", parent: name, min: 1)
            try self.validate(self.accessGrantsLocationId, name: "accessGrantsLocationId", parent: name, pattern: "^[a-zA-Z0-9\\-]+$")
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.applicationArn, name: "applicationArn", parent: name, max: 1224)
            try self.validate(self.applicationArn, name: "applicationArn", parent: name, min: 10)
            try self.validate(self.applicationArn, name: "applicationArn", parent: name, pattern: "^arn:[^:]+:sso::\\d{12}:application/.*$")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantsLocationConfiguration = "AccessGrantsLocationConfiguration"
            case accessGrantsLocationId = "AccessGrantsLocationId"
            case applicationArn = "ApplicationArn"
            case grantee = "Grantee"
            case permission = "Permission"
            case s3PrefixType = "S3PrefixType"
            case tags = "Tags"
        }
    }

    public struct CreateAccessGrantResult: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the access grant.
        public let accessGrantArn: String?
        /// The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.
        public let accessGrantId: String?
        /// The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access.
        public let accessGrantsLocationConfiguration: AccessGrantsLocationConfiguration?
        /// The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.
        public let accessGrantsLocationId: String?
        /// The Amazon Resource Name (ARN) of an Amazon Web Services IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.
        public let applicationArn: String?
        /// The date and time when you created the access grant.
        public let createdAt: Date?
        /// The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to Amazon Web Services IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.
        public let grantee: Grantee?
        /// The S3 path of the data to which you are granting access. It is the result of appending the Subprefix to the location scope.
        public let grantScope: String?
        /// The type of access that you are granting to your S3 data, which can be set to one of the following values:    READ – Grant read-only access to the S3 data.    WRITE – Grant write-only access to the S3 data.    READWRITE – Grant both read and write access to the S3 data.
        public let permission: Permission?

        @inlinable
        public init(accessGrantArn: String? = nil, accessGrantId: String? = nil, accessGrantsLocationConfiguration: AccessGrantsLocationConfiguration? = nil, accessGrantsLocationId: String? = nil, applicationArn: String? = nil, createdAt: Date? = nil, grantee: Grantee? = nil, grantScope: String? = nil, permission: Permission? = nil) {
            self.accessGrantArn = accessGrantArn
            self.accessGrantId = accessGrantId
            self.accessGrantsLocationConfiguration = accessGrantsLocationConfiguration
            self.accessGrantsLocationId = accessGrantsLocationId
            self.applicationArn = applicationArn
            self.createdAt = createdAt
            self.grantee = grantee
            self.grantScope = grantScope
            self.permission = permission
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantArn = "AccessGrantArn"
            case accessGrantId = "AccessGrantId"
            case accessGrantsLocationConfiguration = "AccessGrantsLocationConfiguration"
            case accessGrantsLocationId = "AccessGrantsLocationId"
            case applicationArn = "ApplicationArn"
            case createdAt = "CreatedAt"
            case grantee = "Grantee"
            case grantScope = "GrantScope"
            case permission = "Permission"
        }
    }

    public struct CreateAccessGrantsInstanceRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        public struct _TagsEncoding: ArrayCoderProperties { public static let member = "Tag" }

        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String
        /// If you would like to associate your S3 Access Grants instance with an Amazon Web Services IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the Amazon Web Services IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the ListInstances API operation to retrieve a list of your Identity Center instances and their ARNs.
        public let identityCenterArn: String?
        /// The Amazon Web Services resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
        @OptionalCustomCoding<ArrayCoder<_TagsEncoding, Tag>>
        public var tags: [Tag]?

        @inlinable
        public init(accountId: String, identityCenterArn: String? = nil, tags: [Tag]? = nil) {
            self.accountId = accountId
            self.identityCenterArn = identityCenterArn
            self.tags = tags
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encodeIfPresent(self.identityCenterArn, forKey: .identityCenterArn)
            try container.encodeIfPresent(self.tags, forKey: .tags)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.identityCenterArn, name: "identityCenterArn", parent: name, max: 1224)
            try self.validate(self.identityCenterArn, name: "identityCenterArn", parent: name, min: 10)
            try self.validate(self.identityCenterArn, name: "identityCenterArn", parent: name, pattern: "^arn:[^:]+:sso::(\\d{12}){0,1}:instance/.*$")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
        }

        private enum CodingKeys: String, CodingKey {
            case identityCenterArn = "IdentityCenterArn"
            case tags = "Tags"
        }
    }

    public struct CreateAccessGrantsInstanceResult: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the Amazon Web Services IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the ListInstances API operation to retrieve a list of your Identity Center instances and their ARNs.
        public let accessGrantsInstanceArn: String?
        /// The ID of the S3 Access Grants instance. The ID is default. You can have one S3 Access Grants instance per Region per account.
        public let accessGrantsInstanceId: String?
        /// The date and time when you created the S3 Access Grants instance.
        public let createdAt: Date?
        /// If you associated your S3 Access Grants instance with an Amazon Web Services IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.
        public let identityCenterApplicationArn: String?
        /// If you associated your S3 Access Grants instance with an Amazon Web Services IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.
        public let identityCenterArn: String?
        /// The Amazon Resource Name (ARN) of the Amazon Web Services IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the ListInstances API operation to retrieve a list of your Identity Center instances and their ARNs.
        public let identityCenterInstanceArn: String?

        @inlinable
        public init(accessGrantsInstanceArn: String? = nil, accessGrantsInstanceId: String? = nil, createdAt: Date? = nil, identityCenterApplicationArn: String? = nil, identityCenterInstanceArn: String? = nil) {
            self.accessGrantsInstanceArn = accessGrantsInstanceArn
            self.accessGrantsInstanceId = accessGrantsInstanceId
            self.createdAt = createdAt
            self.identityCenterApplicationArn = identityCenterApplicationArn
            self.identityCenterArn = nil
            self.identityCenterInstanceArn = identityCenterInstanceArn
        }

        @available(*, deprecated, message: "Members identityCenterArn have been deprecated")
        @inlinable
        public init(accessGrantsInstanceArn: String? = nil, accessGrantsInstanceId: String? = nil, createdAt: Date? = nil, identityCenterApplicationArn: String? = nil, identityCenterArn: String? = nil, identityCenterInstanceArn: String? = nil) {
            self.accessGrantsInstanceArn = accessGrantsInstanceArn
            self.accessGrantsInstanceId = accessGrantsInstanceId
            self.createdAt = createdAt
            self.identityCenterApplicationArn = identityCenterApplicationArn
            self.identityCenterArn = identityCenterArn
            self.identityCenterInstanceArn = identityCenterInstanceArn
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantsInstanceArn = "AccessGrantsInstanceArn"
            case accessGrantsInstanceId = "AccessGrantsInstanceId"
            case createdAt = "CreatedAt"
            case identityCenterApplicationArn = "IdentityCenterApplicationArn"
            case identityCenterArn = "IdentityCenterArn"
            case identityCenterInstanceArn = "IdentityCenterInstanceArn"
        }
    }

    public struct CreateAccessGrantsLocationRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        public struct _TagsEncoding: ArrayCoderProperties { public static let member = "Tag" }

        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String
        /// The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.
        public let iamRoleArn: String
        /// The S3 path to the location that you are registering. The location scope can be the default S3 location s3://, the S3 path to a bucket s3://, or the S3 path to a bucket and prefix s3:///. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the engineering/ prefix or object key names that start with the marketing/campaigns/ prefix.
        public let locationScope: String
        /// The Amazon Web Services resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
        @OptionalCustomCoding<ArrayCoder<_TagsEncoding, Tag>>
        public var tags: [Tag]?

        @inlinable
        public init(accountId: String, iamRoleArn: String, locationScope: String, tags: [Tag]? = nil) {
            self.accountId = accountId
            self.iamRoleArn = iamRoleArn
            self.locationScope = locationScope
            self.tags = tags
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encode(self.iamRoleArn, forKey: .iamRoleArn)
            try container.encode(self.locationScope, forKey: .locationScope)
            try container.encodeIfPresent(self.tags, forKey: .tags)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.iamRoleArn, name: "iamRoleArn", parent: name, max: 2048)
            try self.validate(self.iamRoleArn, name: "iamRoleArn", parent: name, min: 1)
            try self.validate(self.iamRoleArn, name: "iamRoleArn", parent: name, pattern: "^arn:[^:]+:iam::\\d{12}:role/")
            try self.validate(self.locationScope, name: "locationScope", parent: name, max: 2000)
            try self.validate(self.locationScope, name: "locationScope", parent: name, min: 1)
            try self.validate(self.locationScope, name: "locationScope", parent: name, pattern: "^.+$")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
        }

        private enum CodingKeys: String, CodingKey {
            case iamRoleArn = "IAMRoleArn"
            case locationScope = "LocationScope"
            case tags = "Tags"
        }
    }

    public struct CreateAccessGrantsLocationResult: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the location you are registering.
        public let accessGrantsLocationArn: String?
        /// The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.
        public let accessGrantsLocationId: String?
        /// The date and time when you registered the location.
        public let createdAt: Date?
        /// The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.
        public let iamRoleArn: String?
        /// The S3 URI path to the location that you are registering. The location scope can be the default S3 location s3://, the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the engineering/ prefix or object key names that start with the marketing/campaigns/ prefix.
        public let locationScope: String?

        @inlinable
        public init(accessGrantsLocationArn: String? = nil, accessGrantsLocationId: String? = nil, createdAt: Date? = nil, iamRoleArn: String? = nil, locationScope: String? = nil) {
            self.accessGrantsLocationArn = accessGrantsLocationArn
            self.accessGrantsLocationId = accessGrantsLocationId
            self.createdAt = createdAt
            self.iamRoleArn = iamRoleArn
            self.locationScope = locationScope
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantsLocationArn = "AccessGrantsLocationArn"
            case accessGrantsLocationId = "AccessGrantsLocationId"
            case createdAt = "CreatedAt"
            case iamRoleArn = "IAMRoleArn"
            case locationScope = "LocationScope"
        }
    }

    public struct CreateAccessPointForObjectLambdaRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID for owner of the specified Object Lambda Access Point.
        public let accountId: String
        /// Object Lambda Access Point configuration as a JSON document.
        public let configuration: ObjectLambdaConfiguration
        /// The name you want to assign to this Object Lambda Access Point.
        public let name: String

        @inlinable
        public init(accountId: String, configuration: ObjectLambdaConfiguration, name: String) {
            self.accountId = accountId
            self.configuration = configuration
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encode(self.configuration, forKey: .configuration)
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.configuration.validate(name: "\(name).configuration")
            try self.validate(self.name, name: "name", parent: name, max: 45)
            try self.validate(self.name, name: "name", parent: name, min: 3)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$")
        }

        private enum CodingKeys: String, CodingKey {
            case configuration = "Configuration"
        }
    }

    public struct CreateAccessPointForObjectLambdaResult: AWSDecodableShape {
        /// The alias of the Object Lambda Access Point.
        public let alias: ObjectLambdaAccessPointAlias?
        /// Specifies the ARN for the Object Lambda Access Point.
        public let objectLambdaAccessPointArn: String?

        @inlinable
        public init(alias: ObjectLambdaAccessPointAlias? = nil, objectLambdaAccessPointArn: String? = nil) {
            self.alias = alias
            self.objectLambdaAccessPointArn = objectLambdaAccessPointArn
        }

        private enum CodingKeys: String, CodingKey {
            case alias = "Alias"
            case objectLambdaAccessPointArn = "ObjectLambdaAccessPointArn"
        }
    }

    public struct CreateAccessPointRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID for the account that owns the specified access point.
        public let accountId: String
        /// The name of the bucket that you want to associate this access point with. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String
        /// The Amazon Web Services account ID associated with the S3 bucket associated with this access point. For same account access point when your bucket and access point belong to the same account owner, the BucketAccountId is not required.  For cross-account access point when your bucket and access point are not in the same account, the BucketAccountId is required.
        public let bucketAccountId: String?
        /// The name you want to assign to this access point. For directory buckets, the access point name must consist of a base name that you provide and suffix that includes the ZoneID (Amazon Web Services Availability Zone or Local Zone) of your bucket location, followed by --xa-s3. For more information, see Managing access to shared datasets in directory buckets with access points in the Amazon S3 User Guide.
        public let name: String
        ///  The PublicAccessBlock configuration that you want to apply to the access point.
        public let publicAccessBlockConfiguration: PublicAccessBlockConfiguration?
        /// For directory buckets, you can filter access control to specific prefixes, API operations, or a combination of both. For more information, see Managing access to shared datasets in directory buckets with access points in the Amazon S3 User Guide.  Scope is only supported for access points attached to directory buckets.
        public let scope: Scope?
        /// If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).  This is required for creating an access point for Amazon S3 on Outposts buckets.
        public let vpcConfiguration: VpcConfiguration?

        @inlinable
        public init(accountId: String, bucket: String, bucketAccountId: String? = nil, name: String, publicAccessBlockConfiguration: PublicAccessBlockConfiguration? = nil, scope: Scope? = nil, vpcConfiguration: VpcConfiguration? = nil) {
            self.accountId = accountId
            self.bucket = bucket
            self.bucketAccountId = bucketAccountId
            self.name = name
            self.publicAccessBlockConfiguration = publicAccessBlockConfiguration
            self.scope = scope
            self.vpcConfiguration = vpcConfiguration
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encode(self.bucket, forKey: .bucket)
            try container.encodeIfPresent(self.bucketAccountId, forKey: .bucketAccountId)
            request.encodePath(self.name, key: "Name")
            try container.encodeIfPresent(self.publicAccessBlockConfiguration, forKey: .publicAccessBlockConfiguration)
            try container.encodeIfPresent(self.scope, forKey: .scope)
            try container.encodeIfPresent(self.vpcConfiguration, forKey: .vpcConfiguration)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
            try self.validate(self.bucketAccountId, name: "bucketAccountId", parent: name, max: 64)
            try self.validate(self.bucketAccountId, name: "bucketAccountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 255)
            try self.validate(self.name, name: "name", parent: name, min: 3)
            try self.vpcConfiguration?.validate(name: "\(name).vpcConfiguration")
        }

        private enum CodingKeys: String, CodingKey {
            case bucket = "Bucket"
            case bucketAccountId = "BucketAccountId"
            case publicAccessBlockConfiguration = "PublicAccessBlockConfiguration"
            case scope = "Scope"
            case vpcConfiguration = "VpcConfiguration"
        }
    }

    public struct CreateAccessPointResult: AWSDecodableShape {
        /// The ARN of the access point.  This is only supported by Amazon S3 on Outposts.
        public let accessPointArn: String?
        /// The name or alias of the access point.
        public let alias: String?

        @inlinable
        public init(accessPointArn: String? = nil, alias: String? = nil) {
            self.accessPointArn = accessPointArn
            self.alias = alias
        }

        private enum CodingKeys: String, CodingKey {
            case accessPointArn = "AccessPointArn"
            case alias = "Alias"
        }
    }

    public struct CreateBucketConfiguration: AWSEncodableShape {
        /// Specifies the Region where the bucket will be created. If you are creating a bucket on the US East (N. Virginia) Region (us-east-1), you do not need to specify the location.   This is not supported by Amazon S3 on Outposts buckets.
        public let locationConstraint: BucketLocationConstraint?

        @inlinable
        public init(locationConstraint: BucketLocationConstraint? = nil) {
            self.locationConstraint = locationConstraint
        }

        private enum CodingKeys: String, CodingKey {
            case locationConstraint = "LocationConstraint"
        }
    }

    public struct CreateBucketRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        public static let _xmlRootNodeName: String? = "CreateBucketConfiguration"
        /// The canned ACL to apply to the bucket.  This is not supported by Amazon S3 on Outposts buckets.
        public let acl: BucketCannedACL?
        /// The name of the bucket.
        public let bucket: String
        /// The configuration information for the bucket.  This is not supported by Amazon S3 on Outposts buckets.
        public let createBucketConfiguration: CreateBucketConfiguration?
        /// Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.  This is not supported by Amazon S3 on Outposts buckets.
        public let grantFullControl: String?
        /// Allows grantee to list the objects in the bucket.  This is not supported by Amazon S3 on Outposts buckets.
        public let grantRead: String?
        /// Allows grantee to read the bucket ACL.  This is not supported by Amazon S3 on Outposts buckets.
        public let grantReadACP: String?
        /// Allows grantee to create, overwrite, and delete any object in the bucket.  This is not supported by Amazon S3 on Outposts buckets.
        public let grantWrite: String?
        /// Allows grantee to write the ACL for the applicable bucket.  This is not supported by Amazon S3 on Outposts buckets.
        public let grantWriteACP: String?
        /// Specifies whether you want S3 Object Lock to be enabled for the new bucket.  This is not supported by Amazon S3 on Outposts buckets.
        public let objectLockEnabledForBucket: Bool?
        /// The ID of the Outposts where the bucket is being created.  This ID is required by Amazon S3 on Outposts buckets.
        public let outpostId: String?

        @inlinable
        public init(acl: BucketCannedACL? = nil, bucket: String, createBucketConfiguration: CreateBucketConfiguration? = nil, grantFullControl: String? = nil, grantRead: String? = nil, grantReadACP: String? = nil, grantWrite: String? = nil, grantWriteACP: String? = nil, objectLockEnabledForBucket: Bool? = nil, outpostId: String? = nil) {
            self.acl = acl
            self.bucket = bucket
            self.createBucketConfiguration = createBucketConfiguration
            self.grantFullControl = grantFullControl
            self.grantRead = grantRead
            self.grantReadACP = grantReadACP
            self.grantWrite = grantWrite
            self.grantWriteACP = grantWriteACP
            self.objectLockEnabledForBucket = objectLockEnabledForBucket
            self.outpostId = outpostId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.singleValueContainer()
            request.encodeHeader(self.acl, key: "x-amz-acl")
            request.encodePath(self.bucket, key: "Bucket")
            try container.encode(self.createBucketConfiguration)
            request.encodeHeader(self.grantFullControl, key: "x-amz-grant-full-control")
            request.encodeHeader(self.grantRead, key: "x-amz-grant-read")
            request.encodeHeader(self.grantReadACP, key: "x-amz-grant-read-acp")
            request.encodeHeader(self.grantWrite, key: "x-amz-grant-write")
            request.encodeHeader(self.grantWriteACP, key: "x-amz-grant-write-acp")
            request.encodeHeader(self.objectLockEnabledForBucket, key: "x-amz-bucket-object-lock-enabled")
            request.encodeHeader(self.outpostId, key: "x-amz-outpost-id")
        }

        public func validate(name: String) throws {
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
            try self.validate(self.outpostId, name: "outpostId", parent: name, max: 64)
            try self.validate(self.outpostId, name: "outpostId", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct CreateBucketResult: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucketArn: String?
        /// The location of the bucket.
        public let location: String?

        @inlinable
        public init(bucketArn: String? = nil, location: String? = nil) {
            self.bucketArn = bucketArn
            self.location = location
        }

        public init(from decoder: Decoder) throws {
            let response = decoder.userInfo[.awsResponse]! as! ResponseDecodingContainer
            let container = try decoder.container(keyedBy: CodingKeys.self)
            self.bucketArn = try container.decodeIfPresent(String.self, forKey: .bucketArn)
            self.location = try response.decodeHeaderIfPresent(String.self, key: "Location")
        }

        private enum CodingKeys: String, CodingKey {
            case bucketArn = "BucketArn"
        }
    }

    public struct CreateJobRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID that creates the job.
        public let accountId: String
        /// An idempotency token to ensure that you don't accidentally submit the same request twice. You can use any string up to the maximum length.
        public let clientRequestToken: String
        /// Indicates whether confirmation is required before Amazon S3 runs the job. Confirmation is only required for jobs created through the Amazon S3 console.
        public let confirmationRequired: Bool?
        /// A description for this job. You can use any string within the permitted length. Descriptions don't need to be unique and can be used for multiple jobs.
        public let description: String?
        /// Configuration parameters for the manifest.
        public let manifest: JobManifest?
        /// The attribute container for the ManifestGenerator details. Jobs must be created with either a manifest file or a ManifestGenerator, but not both.
        public let manifestGenerator: JobManifestGenerator?
        /// The action that you want this job to perform on every object listed in the manifest. For more information about the available actions, see Operations in the Amazon S3 User Guide.
        public let operation: JobOperation
        /// The numerical priority for this job. Higher numbers indicate higher priority.
        public let priority: Int
        /// Configuration parameters for the optional job-completion report.
        public let report: JobReport
        /// The Amazon Resource Name (ARN) for the Identity and Access Management (IAM) role that Batch Operations will use to run this job's action on every object in the manifest.
        public let roleArn: String
        /// A set of tags to associate with the S3 Batch Operations job. This is an optional parameter.
        @OptionalCustomCoding<StandardArrayCoder<S3Tag>>
        public var tags: [S3Tag]?

        @inlinable
        public init(accountId: String, clientRequestToken: String = CreateJobRequest.idempotencyToken(), confirmationRequired: Bool? = nil, description: String? = nil, manifest: JobManifest? = nil, manifestGenerator: JobManifestGenerator? = nil, operation: JobOperation, priority: Int, report: JobReport, roleArn: String, tags: [S3Tag]? = nil) {
            self.accountId = accountId
            self.clientRequestToken = clientRequestToken
            self.confirmationRequired = confirmationRequired
            self.description = description
            self.manifest = manifest
            self.manifestGenerator = manifestGenerator
            self.operation = operation
            self.priority = priority
            self.report = report
            self.roleArn = roleArn
            self.tags = tags
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encode(self.clientRequestToken, forKey: .clientRequestToken)
            try container.encodeIfPresent(self.confirmationRequired, forKey: .confirmationRequired)
            try container.encodeIfPresent(self.description, forKey: .description)
            try container.encodeIfPresent(self.manifest, forKey: .manifest)
            try container.encodeIfPresent(self.manifestGenerator, forKey: .manifestGenerator)
            try container.encode(self.operation, forKey: .operation)
            try container.encode(self.priority, forKey: .priority)
            try container.encode(self.report, forKey: .report)
            try container.encode(self.roleArn, forKey: .roleArn)
            try container.encodeIfPresent(self.tags, forKey: .tags)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.clientRequestToken, name: "clientRequestToken", parent: name, max: 64)
            try self.validate(self.clientRequestToken, name: "clientRequestToken", parent: name, min: 1)
            try self.validate(self.description, name: "description", parent: name, max: 256)
            try self.validate(self.description, name: "description", parent: name, min: 1)
            try self.manifest?.validate(name: "\(name).manifest")
            try self.manifestGenerator?.validate(name: "\(name).manifestGenerator")
            try self.operation.validate(name: "\(name).operation")
            try self.validate(self.priority, name: "priority", parent: name, max: 2147483647)
            try self.validate(self.priority, name: "priority", parent: name, min: 0)
            try self.report.validate(name: "\(name).report")
            try self.validate(self.roleArn, name: "roleArn", parent: name, max: 2048)
            try self.validate(self.roleArn, name: "roleArn", parent: name, min: 1)
            try self.validate(self.roleArn, name: "roleArn", parent: name, pattern: "^arn:[^:]+:iam::\\d{12}:role/")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case clientRequestToken = "ClientRequestToken"
            case confirmationRequired = "ConfirmationRequired"
            case description = "Description"
            case manifest = "Manifest"
            case manifestGenerator = "ManifestGenerator"
            case operation = "Operation"
            case priority = "Priority"
            case report = "Report"
            case roleArn = "RoleArn"
            case tags = "Tags"
        }
    }

    public struct CreateJobResult: AWSDecodableShape {
        /// The ID for this job. Amazon S3 generates this ID automatically and returns it after a successful Create Job request.
        public let jobId: String?

        @inlinable
        public init(jobId: String? = nil) {
            self.jobId = jobId
        }

        private enum CodingKeys: String, CodingKey {
            case jobId = "JobId"
        }
    }

    public struct CreateMultiRegionAccessPointInput: AWSEncodableShape & AWSDecodableShape {
        public struct _RegionsEncoding: ArrayCoderProperties { public static let member = "Region" }

        /// The name of the Multi-Region Access Point associated with this request.
        public let name: String
        public let publicAccessBlock: PublicAccessBlockConfiguration?
        /// The buckets in different Regions that are associated with the Multi-Region Access Point.
        @CustomCoding<ArrayCoder<_RegionsEncoding, Region>>
        public var regions: [Region]

        @inlinable
        public init(name: String, publicAccessBlock: PublicAccessBlockConfiguration? = nil, regions: [Region]) {
            self.name = name
            self.publicAccessBlock = publicAccessBlock
            self.regions = regions
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, max: 50)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$")
            try self.regions.forEach {
                try $0.validate(name: "\(name).regions[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case publicAccessBlock = "PublicAccessBlock"
            case regions = "Regions"
        }
    }

    public struct CreateMultiRegionAccessPointRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID for the owner of the Multi-Region Access Point. The owner of the Multi-Region Access Point also must own the underlying buckets.
        public let accountId: String
        /// An idempotency token used to identify the request and guarantee that requests are unique.
        public let clientToken: String
        /// A container element containing details about the Multi-Region Access Point.
        public let details: CreateMultiRegionAccessPointInput

        @inlinable
        public init(accountId: String, clientToken: String = CreateMultiRegionAccessPointRequest.idempotencyToken(), details: CreateMultiRegionAccessPointInput) {
            self.accountId = accountId
            self.clientToken = clientToken
            self.details = details
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encode(self.clientToken, forKey: .clientToken)
            try container.encode(self.details, forKey: .details)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.clientToken, name: "clientToken", parent: name, max: 64)
            try self.validate(self.clientToken, name: "clientToken", parent: name, pattern: "^\\S+$")
            try self.details.validate(name: "\(name).details")
        }

        private enum CodingKeys: String, CodingKey {
            case clientToken = "ClientToken"
            case details = "Details"
        }
    }

    public struct CreateMultiRegionAccessPointResult: AWSDecodableShape {
        /// The request token associated with the request. You can use this token with DescribeMultiRegionAccessPointOperation to determine the status of asynchronous requests.
        public let requestTokenARN: String?

        @inlinable
        public init(requestTokenARN: String? = nil) {
            self.requestTokenARN = requestTokenARN
        }

        private enum CodingKeys: String, CodingKey {
            case requestTokenARN = "RequestTokenARN"
        }
    }

    public struct CreateStorageLensGroupRequest: AWSEncodableShape {
        public struct _TagsEncoding: ArrayCoderProperties { public static let member = "Tag" }

        /// The Amazon Web Services account ID that the Storage Lens group is created from and associated with.
        public let accountId: String
        /// The Storage Lens group configuration.
        public let storageLensGroup: StorageLensGroup
        /// The Amazon Web Services resource tags that you're adding to your Storage Lens group. This parameter is optional.
        @OptionalCustomCoding<ArrayCoder<_TagsEncoding, Tag>>
        public var tags: [Tag]?

        @inlinable
        public init(accountId: String, storageLensGroup: StorageLensGroup, tags: [Tag]? = nil) {
            self.accountId = accountId
            self.storageLensGroup = storageLensGroup
            self.tags = tags
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encode(self.storageLensGroup, forKey: .storageLensGroup)
            try container.encodeIfPresent(self.tags, forKey: .tags)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.storageLensGroup.validate(name: "\(name).storageLensGroup")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
        }

        private enum CodingKeys: String, CodingKey {
            case storageLensGroup = "StorageLensGroup"
            case tags = "Tags"
        }
    }

    public struct Credentials: AWSDecodableShape {
        /// The unique access key ID of the Amazon Web Services STS temporary credential that S3 Access Grants vends to grantees and client applications.
        public let accessKeyId: String?
        /// The expiration date and time of the temporary credential that S3 Access Grants vends to grantees and client applications.
        public let expiration: Date?
        /// The secret access key of the Amazon Web Services STS temporary credential that S3 Access Grants vends to grantees and client applications.
        public let secretAccessKey: String?
        /// The Amazon Web Services STS temporary credential that S3 Access Grants vends to grantees and client applications.
        public let sessionToken: String?

        @inlinable
        public init(accessKeyId: String? = nil, expiration: Date? = nil, secretAccessKey: String? = nil, sessionToken: String? = nil) {
            self.accessKeyId = accessKeyId
            self.expiration = expiration
            self.secretAccessKey = secretAccessKey
            self.sessionToken = sessionToken
        }

        private enum CodingKeys: String, CodingKey {
            case accessKeyId = "AccessKeyId"
            case expiration = "Expiration"
            case secretAccessKey = "SecretAccessKey"
            case sessionToken = "SessionToken"
        }
    }

    public struct DeleteAccessGrantRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.
        public let accessGrantId: String
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String

        @inlinable
        public init(accessGrantId: String, accountId: String) {
            self.accessGrantId = accessGrantId
            self.accountId = accountId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodePath(self.accessGrantId, key: "AccessGrantId")
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accessGrantId, name: "accessGrantId", parent: name, max: 64)
            try self.validate(self.accessGrantId, name: "accessGrantId", parent: name, min: 1)
            try self.validate(self.accessGrantId, name: "accessGrantId", parent: name, pattern: "^[a-zA-Z0-9\\-]+$")
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteAccessGrantsInstanceRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String

        @inlinable
        public init(accountId: String) {
            self.accountId = accountId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteAccessGrantsInstanceResourcePolicyRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String

        @inlinable
        public init(accountId: String) {
            self.accountId = accountId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteAccessGrantsLocationRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The ID of the registered location that you are deregistering from your S3 Access Grants instance. S3 Access Grants assigned this ID when you registered the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.
        public let accessGrantsLocationId: String
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String

        @inlinable
        public init(accessGrantsLocationId: String, accountId: String) {
            self.accessGrantsLocationId = accessGrantsLocationId
            self.accountId = accountId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodePath(self.accessGrantsLocationId, key: "AccessGrantsLocationId")
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accessGrantsLocationId, name: "accessGrantsLocationId", parent: name, max: 64)
            try self.validate(self.accessGrantsLocationId, name: "accessGrantsLocationId", parent: name, min: 1)
            try self.validate(self.accessGrantsLocationId, name: "accessGrantsLocationId", parent: name, pattern: "^[a-zA-Z0-9\\-]+$")
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteAccessPointForObjectLambdaRequest: AWSEncodableShape {
        /// The account ID for the account that owns the specified Object Lambda Access Point.
        public let accountId: String
        /// The name of the access point you want to delete.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 45)
            try self.validate(self.name, name: "name", parent: name, min: 3)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteAccessPointPolicyForObjectLambdaRequest: AWSEncodableShape {
        /// The account ID for the account that owns the specified Object Lambda Access Point.
        public let accountId: String
        /// The name of the Object Lambda Access Point you want to delete the policy for.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 45)
            try self.validate(self.name, name: "name", parent: name, min: 3)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteAccessPointPolicyRequest: AWSEncodableShape {
        /// The account ID for the account that owns the specified access point.
        public let accountId: String
        /// The name of the access point whose policy you want to delete. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 255)
            try self.validate(self.name, name: "name", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteAccessPointRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID for the account that owns the specified access point.
        public let accountId: String
        /// The name of the access point you want to delete. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 255)
            try self.validate(self.name, name: "name", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteAccessPointScopeRequest: AWSEncodableShape {
        ///  The Amazon Web Services account ID that owns the access point with the scope that you want to delete.
        public let accountId: String
        ///  The name of the access point with the scope that you want to delete.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 255)
            try self.validate(self.name, name: "name", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteBucketLifecycleConfigurationRequest: AWSEncodableShape {
        /// The account ID of the lifecycle configuration to delete.
        public let accountId: String
        /// Specifies the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String

        @inlinable
        public init(accountId: String, bucket: String) {
            self.accountId = accountId
            self.bucket = bucket
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteBucketPolicyRequest: AWSEncodableShape {
        /// The account ID of the Outposts bucket.
        public let accountId: String
        /// Specifies the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String

        @inlinable
        public init(accountId: String, bucket: String) {
            self.accountId = accountId
            self.bucket = bucket
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteBucketReplicationRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID of the Outposts bucket to delete the replication configuration for.
        public let accountId: String
        /// Specifies the S3 on Outposts bucket to delete the replication configuration for. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String

        @inlinable
        public init(accountId: String, bucket: String) {
            self.accountId = accountId
            self.bucket = bucket
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteBucketRequest: AWSEncodableShape {
        /// The account ID that owns the Outposts bucket.
        public let accountId: String
        /// Specifies the bucket being deleted. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String

        @inlinable
        public init(accountId: String, bucket: String) {
            self.accountId = accountId
            self.bucket = bucket
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteBucketTaggingRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID of the Outposts bucket tag set to be removed.
        public let accountId: String
        /// The bucket ARN that has the tag set to be removed. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String

        @inlinable
        public init(accountId: String, bucket: String) {
            self.accountId = accountId
            self.bucket = bucket
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteJobTaggingRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID associated with the S3 Batch Operations job.
        public let accountId: String
        /// The ID for the S3 Batch Operations job whose tags you want to delete.
        public let jobId: String

        @inlinable
        public init(accountId: String, jobId: String) {
            self.accountId = accountId
            self.jobId = jobId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.jobId, key: "JobId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.jobId, name: "jobId", parent: name, max: 36)
            try self.validate(self.jobId, name: "jobId", parent: name, min: 5)
            try self.validate(self.jobId, name: "jobId", parent: name, pattern: "^[a-zA-Z0-9\\-\\_]+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteJobTaggingResult: AWSDecodableShape {
        public init() {}
    }

    public struct DeleteMarkerReplication: AWSEncodableShape & AWSDecodableShape {
        /// Indicates whether to replicate delete markers.
        public let status: DeleteMarkerReplicationStatus

        @inlinable
        public init(status: DeleteMarkerReplicationStatus) {
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case status = "Status"
        }
    }

    public struct DeleteMultiRegionAccessPointInput: AWSEncodableShape & AWSDecodableShape {
        /// The name of the Multi-Region Access Point associated with this request.
        public let name: String

        @inlinable
        public init(name: String) {
            self.name = name
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, max: 50)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$")
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
        }
    }

    public struct DeleteMultiRegionAccessPointRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
        public let accountId: String
        /// An idempotency token used to identify the request and guarantee that requests are unique.
        public let clientToken: String
        /// A container element containing details about the Multi-Region Access Point.
        public let details: DeleteMultiRegionAccessPointInput

        @inlinable
        public init(accountId: String, clientToken: String = DeleteMultiRegionAccessPointRequest.idempotencyToken(), details: DeleteMultiRegionAccessPointInput) {
            self.accountId = accountId
            self.clientToken = clientToken
            self.details = details
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encode(self.clientToken, forKey: .clientToken)
            try container.encode(self.details, forKey: .details)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.clientToken, name: "clientToken", parent: name, max: 64)
            try self.validate(self.clientToken, name: "clientToken", parent: name, pattern: "^\\S+$")
            try self.details.validate(name: "\(name).details")
        }

        private enum CodingKeys: String, CodingKey {
            case clientToken = "ClientToken"
            case details = "Details"
        }
    }

    public struct DeleteMultiRegionAccessPointResult: AWSDecodableShape {
        /// The request token associated with the request. You can use this token with DescribeMultiRegionAccessPointOperation to determine the status of asynchronous requests.
        public let requestTokenARN: String?

        @inlinable
        public init(requestTokenARN: String? = nil) {
            self.requestTokenARN = requestTokenARN
        }

        private enum CodingKeys: String, CodingKey {
            case requestTokenARN = "RequestTokenARN"
        }
    }

    public struct DeletePublicAccessBlockRequest: AWSEncodableShape {
        /// The account ID for the Amazon Web Services account whose PublicAccessBlock configuration you want to remove.
        public let accountId: String

        @inlinable
        public init(accountId: String) {
            self.accountId = accountId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteStorageLensConfigurationRequest: AWSEncodableShape {
        /// The account ID of the requester.
        public let accountId: String
        /// The ID of the S3 Storage Lens configuration.
        public let configId: String

        @inlinable
        public init(accountId: String, configId: String) {
            self.accountId = accountId
            self.configId = configId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.configId, key: "ConfigId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.configId, name: "configId", parent: name, max: 64)
            try self.validate(self.configId, name: "configId", parent: name, min: 1)
            try self.validate(self.configId, name: "configId", parent: name, pattern: "^[a-zA-Z0-9\\-\\_\\.]+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteStorageLensConfigurationTaggingRequest: AWSEncodableShape {
        /// The account ID of the requester.
        public let accountId: String
        /// The ID of the S3 Storage Lens configuration.
        public let configId: String

        @inlinable
        public init(accountId: String, configId: String) {
            self.accountId = accountId
            self.configId = configId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.configId, key: "ConfigId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.configId, name: "configId", parent: name, max: 64)
            try self.validate(self.configId, name: "configId", parent: name, min: 1)
            try self.validate(self.configId, name: "configId", parent: name, pattern: "^[a-zA-Z0-9\\-\\_\\.]+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DeleteStorageLensConfigurationTaggingResult: AWSDecodableShape {
        public init() {}
    }

    public struct DeleteStorageLensGroupRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID used to create the Storage Lens group that you're trying to delete.
        public let accountId: String
        /// The name of the Storage Lens group that you're trying to delete.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-zA-Z0-9\\-\\_]+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DescribeJobRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID associated with the S3 Batch Operations job.
        public let accountId: String
        /// The ID for the job whose information you want to retrieve.
        public let jobId: String

        @inlinable
        public init(accountId: String, jobId: String) {
            self.accountId = accountId
            self.jobId = jobId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.jobId, key: "JobId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.jobId, name: "jobId", parent: name, max: 36)
            try self.validate(self.jobId, name: "jobId", parent: name, min: 5)
            try self.validate(self.jobId, name: "jobId", parent: name, pattern: "^[a-zA-Z0-9\\-\\_]+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DescribeJobResult: AWSDecodableShape {
        /// Contains the configuration parameters and status for the job specified in the Describe Job request.
        public let job: JobDescriptor?

        @inlinable
        public init(job: JobDescriptor? = nil) {
            self.job = job
        }

        private enum CodingKeys: String, CodingKey {
            case job = "Job"
        }
    }

    public struct DescribeMultiRegionAccessPointOperationRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
        public let accountId: String
        /// The request token associated with the request you want to know about. This request token is returned as part of the response when you make an asynchronous request. You provide this token to query about the status of the asynchronous action.
        public let requestTokenARN: String

        @inlinable
        public init(accountId: String, requestTokenARN: String) {
            self.accountId = accountId
            self.requestTokenARN = requestTokenARN
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.requestTokenARN, key: "RequestTokenARN")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.requestTokenARN, name: "requestTokenARN", parent: name, max: 1024)
            try self.validate(self.requestTokenARN, name: "requestTokenARN", parent: name, min: 1)
            try self.validate(self.requestTokenARN, name: "requestTokenARN", parent: name, pattern: "^arn:.+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct DescribeMultiRegionAccessPointOperationResult: AWSDecodableShape {
        /// A container element containing the details of the asynchronous operation.
        public let asyncOperation: AsyncOperation?

        @inlinable
        public init(asyncOperation: AsyncOperation? = nil) {
            self.asyncOperation = asyncOperation
        }

        private enum CodingKeys: String, CodingKey {
            case asyncOperation = "AsyncOperation"
        }
    }

    public struct Destination: AWSEncodableShape & AWSDecodableShape {
        /// Specify this property only in a cross-account scenario (where the source and destination bucket owners are not the same), and you want to change replica ownership to the Amazon Web Services account that owns the destination bucket. If this property is not specified in the replication configuration, the replicas are owned by same Amazon Web Services account that owns the source object.  This is not supported by Amazon S3 on Outposts buckets.
        public let accessControlTranslation: AccessControlTranslation?
        /// The destination bucket owner's account ID.
        public let account: String?
        /// The Amazon Resource Name (ARN) of the access point for the destination bucket where you want S3 on Outposts to store the replication results.
        public let bucket: String
        /// A container that provides information about encryption. If SourceSelectionCriteria is specified, you must specify this element.  This is not supported by Amazon S3 on Outposts buckets.
        public let encryptionConfiguration: EncryptionConfiguration?
        ///  A container that specifies replication metrics-related settings.
        public let metrics: Metrics?
        /// A container that specifies S3 Replication Time Control (S3 RTC) settings, including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a Metrics block.   This is not supported by Amazon S3 on Outposts buckets.
        public let replicationTime: ReplicationTime?
        ///  The storage class to use when replicating objects. All objects stored on S3 on Outposts are stored in the OUTPOSTS storage class. S3 on Outposts uses the OUTPOSTS storage class to create the object replicas.   Values other than OUTPOSTS aren't supported by Amazon S3 on Outposts.
        public let storageClass: ReplicationStorageClass?

        @inlinable
        public init(accessControlTranslation: AccessControlTranslation? = nil, account: String? = nil, bucket: String, encryptionConfiguration: EncryptionConfiguration? = nil, metrics: Metrics? = nil, replicationTime: ReplicationTime? = nil, storageClass: ReplicationStorageClass? = nil) {
            self.accessControlTranslation = accessControlTranslation
            self.account = account
            self.bucket = bucket
            self.encryptionConfiguration = encryptionConfiguration
            self.metrics = metrics
            self.replicationTime = replicationTime
            self.storageClass = storageClass
        }

        public func validate(name: String) throws {
            try self.validate(self.account, name: "account", parent: name, max: 64)
            try self.validate(self.account, name: "account", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: String, CodingKey {
            case accessControlTranslation = "AccessControlTranslation"
            case account = "Account"
            case bucket = "Bucket"
            case encryptionConfiguration = "EncryptionConfiguration"
            case metrics = "Metrics"
            case replicationTime = "ReplicationTime"
            case storageClass = "StorageClass"
        }
    }

    public struct DetailedStatusCodesMetrics: AWSEncodableShape & AWSDecodableShape {
        /// A container that indicates whether detailed status code metrics are enabled.
        public let isEnabled: Bool?

        @inlinable
        public init(isEnabled: Bool? = nil) {
            self.isEnabled = isEnabled
        }

        private enum CodingKeys: String, CodingKey {
            case isEnabled = "IsEnabled"
        }
    }

    public struct DissociateAccessGrantsIdentityCenterRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String

        @inlinable
        public init(accountId: String) {
            self.accountId = accountId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct EncryptionConfiguration: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the ID of the customer managed KMS key that's stored in Key Management Service (KMS) for the destination bucket. This ID is either the Amazon Resource Name (ARN) for the KMS key or the alias ARN for the KMS key. Amazon S3 uses this KMS key to encrypt replica objects. Amazon S3 supports only symmetric encryption KMS keys. For more information, see Symmetric encryption KMS keys in the Amazon Web Services Key Management Service Developer Guide.
        public let replicaKmsKeyID: String?

        @inlinable
        public init(replicaKmsKeyID: String? = nil) {
            self.replicaKmsKeyID = replicaKmsKeyID
        }

        private enum CodingKeys: String, CodingKey {
            case replicaKmsKeyID = "ReplicaKmsKeyID"
        }
    }

    public struct EstablishedMultiRegionAccessPointPolicy: AWSDecodableShape {
        /// The details of the last established policy.
        public let policy: String?

        @inlinable
        public init(policy: String? = nil) {
            self.policy = policy
        }

        private enum CodingKeys: String, CodingKey {
            case policy = "Policy"
        }
    }

    public struct Exclude: AWSEncodableShape & AWSDecodableShape {
        public struct _BucketsEncoding: ArrayCoderProperties { public static let member = "Arn" }
        public struct _RegionsEncoding: ArrayCoderProperties { public static let member = "Region" }

        /// A container for the S3 Storage Lens bucket excludes.
        @OptionalCustomCoding<ArrayCoder<_BucketsEncoding, String>>
        public var buckets: [String]?
        /// A container for the S3 Storage Lens Region excludes.
        @OptionalCustomCoding<ArrayCoder<_RegionsEncoding, String>>
        public var regions: [String]?

        @inlinable
        public init(buckets: [String]? = nil, regions: [String]? = nil) {
            self.buckets = buckets
            self.regions = regions
        }

        public func validate(name: String) throws {
            try self.buckets?.forEach {
                try validate($0, name: "buckets[]", parent: name, max: 128)
                try validate($0, name: "buckets[]", parent: name, min: 1)
                try validate($0, name: "buckets[]", parent: name, pattern: "^arn:[^:]+:s3:")
            }
            try self.regions?.forEach {
                try validate($0, name: "regions[]", parent: name, max: 30)
                try validate($0, name: "regions[]", parent: name, min: 5)
                try validate($0, name: "regions[]", parent: name, pattern: "^[a-z0-9\\-]+$")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case buckets = "Buckets"
            case regions = "Regions"
        }
    }

    public struct ExistingObjectReplication: AWSEncodableShape & AWSDecodableShape {
        /// Specifies whether Amazon S3 replicates existing source bucket objects.
        public let status: ExistingObjectReplicationStatus

        @inlinable
        public init(status: ExistingObjectReplicationStatus) {
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case status = "Status"
        }
    }

    public struct GeneratedManifestEncryption: AWSEncodableShape & AWSDecodableShape {
        /// Configuration details on how SSE-KMS is used to encrypt generated manifest objects.
        public let ssekms: SSEKMSEncryption?
        /// Specifies the use of SSE-S3 to encrypt generated manifest objects.
        public let sses3: SSES3Encryption?

        @inlinable
        public init(ssekms: SSEKMSEncryption? = nil, sses3: SSES3Encryption? = nil) {
            self.ssekms = ssekms
            self.sses3 = sses3
        }

        public func validate(name: String) throws {
            try self.ssekms?.validate(name: "\(name).ssekms")
        }

        private enum CodingKeys: String, CodingKey {
            case ssekms = "SSE-KMS"
            case sses3 = "SSE-S3"
        }
    }

    public struct GetAccessGrantRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.
        public let accessGrantId: String
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String

        @inlinable
        public init(accessGrantId: String, accountId: String) {
            self.accessGrantId = accessGrantId
            self.accountId = accountId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodePath(self.accessGrantId, key: "AccessGrantId")
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accessGrantId, name: "accessGrantId", parent: name, max: 64)
            try self.validate(self.accessGrantId, name: "accessGrantId", parent: name, min: 1)
            try self.validate(self.accessGrantId, name: "accessGrantId", parent: name, pattern: "^[a-zA-Z0-9\\-]+$")
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessGrantResult: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the access grant.
        public let accessGrantArn: String?
        /// The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.
        public let accessGrantId: String?
        /// The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access.
        public let accessGrantsLocationConfiguration: AccessGrantsLocationConfiguration?
        /// The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.
        public let accessGrantsLocationId: String?
        /// The Amazon Resource Name (ARN) of an Amazon Web Services IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.
        public let applicationArn: String?
        /// The date and time when you created the access grant.
        public let createdAt: Date?
        /// The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added a corporate directory to Amazon Web Services IAM Identity Center and associated this Identity Center instance with the S3 Access Grants instance, the grantee can also be a corporate directory user or group.
        public let grantee: Grantee?
        /// The S3 path of the data to which you are granting access. It is the result of appending the Subprefix to the location scope.
        public let grantScope: String?
        /// The type of permission that was granted in the access grant. Can be one of the following values:    READ – Grant read-only access to the S3 data.    WRITE – Grant write-only access to the S3 data.    READWRITE – Grant both read and write access to the S3 data.
        public let permission: Permission?

        @inlinable
        public init(accessGrantArn: String? = nil, accessGrantId: String? = nil, accessGrantsLocationConfiguration: AccessGrantsLocationConfiguration? = nil, accessGrantsLocationId: String? = nil, applicationArn: String? = nil, createdAt: Date? = nil, grantee: Grantee? = nil, grantScope: String? = nil, permission: Permission? = nil) {
            self.accessGrantArn = accessGrantArn
            self.accessGrantId = accessGrantId
            self.accessGrantsLocationConfiguration = accessGrantsLocationConfiguration
            self.accessGrantsLocationId = accessGrantsLocationId
            self.applicationArn = applicationArn
            self.createdAt = createdAt
            self.grantee = grantee
            self.grantScope = grantScope
            self.permission = permission
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantArn = "AccessGrantArn"
            case accessGrantId = "AccessGrantId"
            case accessGrantsLocationConfiguration = "AccessGrantsLocationConfiguration"
            case accessGrantsLocationId = "AccessGrantsLocationId"
            case applicationArn = "ApplicationArn"
            case createdAt = "CreatedAt"
            case grantee = "Grantee"
            case grantScope = "GrantScope"
            case permission = "Permission"
        }
    }

    public struct GetAccessGrantsInstanceForPrefixRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The ID of the Amazon Web Services account that is making this request.
        public let accountId: String
        /// The S3 prefix of the access grants that you would like to retrieve.
        public let s3Prefix: String

        @inlinable
        public init(accountId: String, s3Prefix: String) {
            self.accountId = accountId
            self.s3Prefix = s3Prefix
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.s3Prefix, key: "s3prefix")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.s3Prefix, name: "s3Prefix", parent: name, max: 2000)
            try self.validate(self.s3Prefix, name: "s3Prefix", parent: name, min: 1)
            try self.validate(self.s3Prefix, name: "s3Prefix", parent: name, pattern: "^.+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessGrantsInstanceForPrefixResult: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the S3 Access Grants instance.
        public let accessGrantsInstanceArn: String?
        /// The ID of the S3 Access Grants instance. The ID is default. You can have one S3 Access Grants instance per Region per account.
        public let accessGrantsInstanceId: String?

        @inlinable
        public init(accessGrantsInstanceArn: String? = nil, accessGrantsInstanceId: String? = nil) {
            self.accessGrantsInstanceArn = accessGrantsInstanceArn
            self.accessGrantsInstanceId = accessGrantsInstanceId
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantsInstanceArn = "AccessGrantsInstanceArn"
            case accessGrantsInstanceId = "AccessGrantsInstanceId"
        }
    }

    public struct GetAccessGrantsInstanceRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String

        @inlinable
        public init(accountId: String) {
            self.accountId = accountId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessGrantsInstanceResourcePolicyRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String

        @inlinable
        public init(accountId: String) {
            self.accountId = accountId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessGrantsInstanceResourcePolicyResult: AWSDecodableShape {
        /// The date and time when you created the S3 Access Grants instance resource policy.
        public let createdAt: Date?
        /// The Organization of the resource policy of the S3 Access Grants instance.
        public let organization: String?
        /// The resource policy of the S3 Access Grants instance.
        public let policy: String?

        @inlinable
        public init(createdAt: Date? = nil, organization: String? = nil, policy: String? = nil) {
            self.createdAt = createdAt
            self.organization = organization
            self.policy = policy
        }

        private enum CodingKeys: String, CodingKey {
            case createdAt = "CreatedAt"
            case organization = "Organization"
            case policy = "Policy"
        }
    }

    public struct GetAccessGrantsInstanceResult: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the S3 Access Grants instance.
        public let accessGrantsInstanceArn: String?
        /// The ID of the S3 Access Grants instance. The ID is default. You can have one S3 Access Grants instance per Region per account.
        public let accessGrantsInstanceId: String?
        /// The date and time when you created the S3 Access Grants instance.
        public let createdAt: Date?
        /// If you associated your S3 Access Grants instance with an Amazon Web Services IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.
        public let identityCenterApplicationArn: String?
        /// If you associated your S3 Access Grants instance with an Amazon Web Services IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.
        public let identityCenterArn: String?
        /// The Amazon Resource Name (ARN) of the Amazon Web Services IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the ListInstances API operation to retrieve a list of your Identity Center instances and their ARNs.
        public let identityCenterInstanceArn: String?

        @inlinable
        public init(accessGrantsInstanceArn: String? = nil, accessGrantsInstanceId: String? = nil, createdAt: Date? = nil, identityCenterApplicationArn: String? = nil, identityCenterInstanceArn: String? = nil) {
            self.accessGrantsInstanceArn = accessGrantsInstanceArn
            self.accessGrantsInstanceId = accessGrantsInstanceId
            self.createdAt = createdAt
            self.identityCenterApplicationArn = identityCenterApplicationArn
            self.identityCenterArn = nil
            self.identityCenterInstanceArn = identityCenterInstanceArn
        }

        @available(*, deprecated, message: "Members identityCenterArn have been deprecated")
        @inlinable
        public init(accessGrantsInstanceArn: String? = nil, accessGrantsInstanceId: String? = nil, createdAt: Date? = nil, identityCenterApplicationArn: String? = nil, identityCenterArn: String? = nil, identityCenterInstanceArn: String? = nil) {
            self.accessGrantsInstanceArn = accessGrantsInstanceArn
            self.accessGrantsInstanceId = accessGrantsInstanceId
            self.createdAt = createdAt
            self.identityCenterApplicationArn = identityCenterApplicationArn
            self.identityCenterArn = identityCenterArn
            self.identityCenterInstanceArn = identityCenterInstanceArn
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantsInstanceArn = "AccessGrantsInstanceArn"
            case accessGrantsInstanceId = "AccessGrantsInstanceId"
            case createdAt = "CreatedAt"
            case identityCenterApplicationArn = "IdentityCenterApplicationArn"
            case identityCenterArn = "IdentityCenterArn"
            case identityCenterInstanceArn = "IdentityCenterInstanceArn"
        }
    }

    public struct GetAccessGrantsLocationRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The ID of the registered location that you are retrieving. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.
        public let accessGrantsLocationId: String
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String

        @inlinable
        public init(accessGrantsLocationId: String, accountId: String) {
            self.accessGrantsLocationId = accessGrantsLocationId
            self.accountId = accountId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodePath(self.accessGrantsLocationId, key: "AccessGrantsLocationId")
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accessGrantsLocationId, name: "accessGrantsLocationId", parent: name, max: 64)
            try self.validate(self.accessGrantsLocationId, name: "accessGrantsLocationId", parent: name, min: 1)
            try self.validate(self.accessGrantsLocationId, name: "accessGrantsLocationId", parent: name, pattern: "^[a-zA-Z0-9\\-]+$")
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessGrantsLocationResult: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the registered location.
        public let accessGrantsLocationArn: String?
        /// The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.
        public let accessGrantsLocationId: String?
        /// The date and time when you registered the location.
        public let createdAt: Date?
        /// The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.
        public let iamRoleArn: String?
        /// The S3 URI path to the registered location. The location scope can be the default S3 location s3://, the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the engineering/ prefix or object key names that start with the marketing/campaigns/ prefix.
        public let locationScope: String?

        @inlinable
        public init(accessGrantsLocationArn: String? = nil, accessGrantsLocationId: String? = nil, createdAt: Date? = nil, iamRoleArn: String? = nil, locationScope: String? = nil) {
            self.accessGrantsLocationArn = accessGrantsLocationArn
            self.accessGrantsLocationId = accessGrantsLocationId
            self.createdAt = createdAt
            self.iamRoleArn = iamRoleArn
            self.locationScope = locationScope
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantsLocationArn = "AccessGrantsLocationArn"
            case accessGrantsLocationId = "AccessGrantsLocationId"
            case createdAt = "CreatedAt"
            case iamRoleArn = "IAMRoleArn"
            case locationScope = "LocationScope"
        }
    }

    public struct GetAccessPointConfigurationForObjectLambdaRequest: AWSEncodableShape {
        /// The account ID for the account that owns the specified Object Lambda Access Point.
        public let accountId: String
        /// The name of the Object Lambda Access Point you want to return the configuration for.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 45)
            try self.validate(self.name, name: "name", parent: name, min: 3)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessPointConfigurationForObjectLambdaResult: AWSDecodableShape {
        /// Object Lambda Access Point configuration document.
        public let configuration: ObjectLambdaConfiguration?

        @inlinable
        public init(configuration: ObjectLambdaConfiguration? = nil) {
            self.configuration = configuration
        }

        private enum CodingKeys: String, CodingKey {
            case configuration = "Configuration"
        }
    }

    public struct GetAccessPointForObjectLambdaRequest: AWSEncodableShape {
        /// The account ID for the account that owns the specified Object Lambda Access Point.
        public let accountId: String
        /// The name of the Object Lambda Access Point.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 45)
            try self.validate(self.name, name: "name", parent: name, min: 3)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessPointForObjectLambdaResult: AWSDecodableShape {
        /// The alias of the Object Lambda Access Point.
        public let alias: ObjectLambdaAccessPointAlias?
        /// The date and time when the specified Object Lambda Access Point was created.
        public let creationDate: Date?
        /// The name of the Object Lambda Access Point.
        public let name: String?
        /// Configuration to block all public access. This setting is turned on and can not be edited.
        public let publicAccessBlockConfiguration: PublicAccessBlockConfiguration?

        @inlinable
        public init(alias: ObjectLambdaAccessPointAlias? = nil, creationDate: Date? = nil, name: String? = nil, publicAccessBlockConfiguration: PublicAccessBlockConfiguration? = nil) {
            self.alias = alias
            self.creationDate = creationDate
            self.name = name
            self.publicAccessBlockConfiguration = publicAccessBlockConfiguration
        }

        private enum CodingKeys: String, CodingKey {
            case alias = "Alias"
            case creationDate = "CreationDate"
            case name = "Name"
            case publicAccessBlockConfiguration = "PublicAccessBlockConfiguration"
        }
    }

    public struct GetAccessPointPolicyForObjectLambdaRequest: AWSEncodableShape {
        /// The account ID for the account that owns the specified Object Lambda Access Point.
        public let accountId: String
        /// The name of the Object Lambda Access Point.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 45)
            try self.validate(self.name, name: "name", parent: name, min: 3)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessPointPolicyForObjectLambdaResult: AWSDecodableShape {
        /// Object Lambda Access Point resource policy document.
        public let policy: String?

        @inlinable
        public init(policy: String? = nil) {
            self.policy = policy
        }

        private enum CodingKeys: String, CodingKey {
            case policy = "Policy"
        }
    }

    public struct GetAccessPointPolicyRequest: AWSEncodableShape {
        /// The account ID for the account that owns the specified access point.
        public let accountId: String
        /// The name of the access point whose policy you want to retrieve. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 255)
            try self.validate(self.name, name: "name", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessPointPolicyResult: AWSDecodableShape {
        /// The access point policy associated with the specified access point.
        public let policy: String?

        @inlinable
        public init(policy: String? = nil) {
            self.policy = policy
        }

        private enum CodingKeys: String, CodingKey {
            case policy = "Policy"
        }
    }

    public struct GetAccessPointPolicyStatusForObjectLambdaRequest: AWSEncodableShape {
        /// The account ID for the account that owns the specified Object Lambda Access Point.
        public let accountId: String
        /// The name of the Object Lambda Access Point.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 45)
            try self.validate(self.name, name: "name", parent: name, min: 3)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessPointPolicyStatusForObjectLambdaResult: AWSDecodableShape {
        public let policyStatus: PolicyStatus?

        @inlinable
        public init(policyStatus: PolicyStatus? = nil) {
            self.policyStatus = policyStatus
        }

        private enum CodingKeys: String, CodingKey {
            case policyStatus = "PolicyStatus"
        }
    }

    public struct GetAccessPointPolicyStatusRequest: AWSEncodableShape {
        /// The account ID for the account that owns the specified access point.
        public let accountId: String
        /// The name of the access point whose policy status you want to retrieve.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 255)
            try self.validate(self.name, name: "name", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessPointPolicyStatusResult: AWSDecodableShape {
        /// Indicates the current policy status of the specified access point.
        public let policyStatus: PolicyStatus?

        @inlinable
        public init(policyStatus: PolicyStatus? = nil) {
            self.policyStatus = policyStatus
        }

        private enum CodingKeys: String, CodingKey {
            case policyStatus = "PolicyStatus"
        }
    }

    public struct GetAccessPointRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID for the account that owns the specified access point.
        public let accountId: String
        /// The name of the access point whose configuration information you want to retrieve. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 255)
            try self.validate(self.name, name: "name", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessPointResult: AWSDecodableShape {
        /// The ARN of the access point.
        public let accessPointArn: String?
        /// The name or alias of the access point.
        public let alias: String?
        /// The name of the bucket associated with the specified access point.
        public let bucket: String?
        /// The Amazon Web Services account ID associated with the S3 bucket associated with this access point.
        public let bucketAccountId: String?
        /// The date and time when the specified access point was created.
        public let creationDate: Date?
        /// The unique identifier for the data source of the access point.
        public let dataSourceId: String?
        /// The type of the data source that the access point is attached to.
        public let dataSourceType: String?
        /// The VPC endpoint for the access point.
        @OptionalCustomCoding<StandardDictionaryCoder<String, String>>
        public var endpoints: [String: String]?
        /// The name of the specified access point.
        public let name: String?
        /// Indicates whether this access point allows access from the public internet. If VpcConfiguration is specified for this access point, then NetworkOrigin is VPC, and the access point doesn't allow access from the public internet. Otherwise, NetworkOrigin is Internet, and the access point allows access from the public internet, subject to the access point and bucket access policies. This will always be true for an Amazon S3 on Outposts access point
        public let networkOrigin: NetworkOrigin?
        public let publicAccessBlockConfiguration: PublicAccessBlockConfiguration?
        /// Contains the virtual private cloud (VPC) configuration for the specified access point.  This element is empty if this access point is an Amazon S3 on Outposts access point that is used by other Amazon Web Services services.
        public let vpcConfiguration: VpcConfiguration?

        @inlinable
        public init(accessPointArn: String? = nil, alias: String? = nil, bucket: String? = nil, bucketAccountId: String? = nil, creationDate: Date? = nil, dataSourceId: String? = nil, dataSourceType: String? = nil, endpoints: [String: String]? = nil, name: String? = nil, networkOrigin: NetworkOrigin? = nil, publicAccessBlockConfiguration: PublicAccessBlockConfiguration? = nil, vpcConfiguration: VpcConfiguration? = nil) {
            self.accessPointArn = accessPointArn
            self.alias = alias
            self.bucket = bucket
            self.bucketAccountId = bucketAccountId
            self.creationDate = creationDate
            self.dataSourceId = dataSourceId
            self.dataSourceType = dataSourceType
            self.endpoints = endpoints
            self.name = name
            self.networkOrigin = networkOrigin
            self.publicAccessBlockConfiguration = publicAccessBlockConfiguration
            self.vpcConfiguration = vpcConfiguration
        }

        private enum CodingKeys: String, CodingKey {
            case accessPointArn = "AccessPointArn"
            case alias = "Alias"
            case bucket = "Bucket"
            case bucketAccountId = "BucketAccountId"
            case creationDate = "CreationDate"
            case dataSourceId = "DataSourceId"
            case dataSourceType = "DataSourceType"
            case endpoints = "Endpoints"
            case name = "Name"
            case networkOrigin = "NetworkOrigin"
            case publicAccessBlockConfiguration = "PublicAccessBlockConfiguration"
            case vpcConfiguration = "VpcConfiguration"
        }
    }

    public struct GetAccessPointScopeRequest: AWSEncodableShape {
        ///  The Amazon Web Services account ID that owns the access point with the scope that you want to retrieve.
        public let accountId: String
        /// The name of the access point with the scope you want to retrieve.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 255)
            try self.validate(self.name, name: "name", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetAccessPointScopeResult: AWSDecodableShape {
        /// The contents of the access point scope.
        public let scope: Scope?

        @inlinable
        public init(scope: Scope? = nil) {
            self.scope = scope
        }

        private enum CodingKeys: String, CodingKey {
            case scope = "Scope"
        }
    }

    public struct GetBucketLifecycleConfigurationRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID of the Outposts bucket.
        public let accountId: String
        /// The Amazon Resource Name (ARN) of the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String

        @inlinable
        public init(accountId: String, bucket: String) {
            self.accountId = accountId
            self.bucket = bucket
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetBucketLifecycleConfigurationResult: AWSDecodableShape {
        public struct _RulesEncoding: ArrayCoderProperties { public static let member = "Rule" }

        /// Container for the lifecycle rule of the Outposts bucket.
        @OptionalCustomCoding<ArrayCoder<_RulesEncoding, LifecycleRule>>
        public var rules: [LifecycleRule]?

        @inlinable
        public init(rules: [LifecycleRule]? = nil) {
            self.rules = rules
        }

        private enum CodingKeys: String, CodingKey {
            case rules = "Rules"
        }
    }

    public struct GetBucketPolicyRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID of the Outposts bucket.
        public let accountId: String
        /// Specifies the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String

        @inlinable
        public init(accountId: String, bucket: String) {
            self.accountId = accountId
            self.bucket = bucket
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetBucketPolicyResult: AWSDecodableShape {
        /// The policy of the Outposts bucket.
        public let policy: String?

        @inlinable
        public init(policy: String? = nil) {
            self.policy = policy
        }

        private enum CodingKeys: String, CodingKey {
            case policy = "Policy"
        }
    }

    public struct GetBucketReplicationRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID of the Outposts bucket.
        public let accountId: String
        /// Specifies the bucket to get the replication information for. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String

        @inlinable
        public init(accountId: String, bucket: String) {
            self.accountId = accountId
            self.bucket = bucket
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetBucketReplicationResult: AWSDecodableShape {
        /// A container for one or more replication rules. A replication configuration must have at least one rule and you can add up to 100 rules. The maximum size of a replication configuration is 128 KB.
        public let replicationConfiguration: ReplicationConfiguration?

        @inlinable
        public init(replicationConfiguration: ReplicationConfiguration? = nil) {
            self.replicationConfiguration = replicationConfiguration
        }

        private enum CodingKeys: String, CodingKey {
            case replicationConfiguration = "ReplicationConfiguration"
        }
    }

    public struct GetBucketRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID of the Outposts bucket.
        public let accountId: String
        /// Specifies the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String

        @inlinable
        public init(accountId: String, bucket: String) {
            self.accountId = accountId
            self.bucket = bucket
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetBucketResult: AWSDecodableShape {
        /// The Outposts bucket requested.
        public let bucket: String?
        /// The creation date of the Outposts bucket.
        public let creationDate: Date?
        public let publicAccessBlockEnabled: Bool?

        @inlinable
        public init(bucket: String? = nil, creationDate: Date? = nil, publicAccessBlockEnabled: Bool? = nil) {
            self.bucket = bucket
            self.creationDate = creationDate
            self.publicAccessBlockEnabled = publicAccessBlockEnabled
        }

        private enum CodingKeys: String, CodingKey {
            case bucket = "Bucket"
            case creationDate = "CreationDate"
            case publicAccessBlockEnabled = "PublicAccessBlockEnabled"
        }
    }

    public struct GetBucketTaggingRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID of the Outposts bucket.
        public let accountId: String
        /// Specifies the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String

        @inlinable
        public init(accountId: String, bucket: String) {
            self.accountId = accountId
            self.bucket = bucket
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetBucketTaggingResult: AWSDecodableShape {
        /// The tags set of the Outposts bucket.
        @CustomCoding<StandardArrayCoder<S3Tag>>
        public var tagSet: [S3Tag]

        @inlinable
        public init(tagSet: [S3Tag]) {
            self.tagSet = tagSet
        }

        private enum CodingKeys: String, CodingKey {
            case tagSet = "TagSet"
        }
    }

    public struct GetBucketVersioningRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID of the S3 on Outposts bucket.
        public let accountId: String
        /// The S3 on Outposts bucket to return the versioning state for.
        public let bucket: String

        @inlinable
        public init(accountId: String, bucket: String) {
            self.accountId = accountId
            self.bucket = bucket
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetBucketVersioningResult: AWSDecodableShape {
        /// Specifies whether MFA delete is enabled in the bucket versioning configuration. This element is returned only if the bucket has been configured with MFA delete. If MFA delete has never been configured for the bucket, this element is not returned.
        public let mfaDelete: MFADeleteStatus?
        /// The versioning state of the S3 on Outposts bucket.
        public let status: BucketVersioningStatus?

        @inlinable
        public init(mfaDelete: MFADeleteStatus? = nil, status: BucketVersioningStatus? = nil) {
            self.mfaDelete = mfaDelete
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case mfaDelete = "MfaDelete"
            case status = "Status"
        }
    }

    public struct GetDataAccessRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String
        /// The session duration, in seconds, of the temporary access credential that S3 Access Grants vends to the grantee or client application. The default value is 1 hour, but the grantee can specify a range from 900 seconds (15 minutes) up to 43200 seconds (12 hours). If the grantee requests a value higher than this maximum, the operation fails.
        public let durationSeconds: Int?
        /// The type of permission granted to your S3 data, which can be set to one of the following values:    READ – Grant read-only access to the S3 data.    WRITE – Grant write-only access to the S3 data.    READWRITE – Grant both read and write access to the S3 data.
        public let permission: Permission
        /// The scope of the temporary access credential that S3 Access Grants vends to the grantee or client application.     Default – The scope of the returned temporary access token is the scope of the grant that is closest to the target scope.    Minimal – The scope of the returned temporary access token is the same as the requested target scope as long as the requested scope is the same as or a subset of the grant scope.
        public let privilege: Privilege?
        /// The S3 URI path of the data to which you are requesting temporary access credentials. If the requesting account has an access grant for this data, S3 Access Grants vends temporary access credentials in the response.
        public let target: String
        /// The type of Target. The only possible value is Object. Pass this value if the target data that you would like to access is a path to an object. Do not pass this value if the target data is a bucket or a bucket and a prefix.
        public let targetType: S3PrefixType?

        @inlinable
        public init(accountId: String, durationSeconds: Int? = nil, permission: Permission, privilege: Privilege? = nil, target: String, targetType: S3PrefixType? = nil) {
            self.accountId = accountId
            self.durationSeconds = durationSeconds
            self.permission = permission
            self.privilege = privilege
            self.target = target
            self.targetType = targetType
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.durationSeconds, key: "durationSeconds")
            request.encodeQuery(self.permission, key: "permission")
            request.encodeQuery(self.privilege, key: "privilege")
            request.encodeQuery(self.target, key: "target")
            request.encodeQuery(self.targetType, key: "targetType")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.durationSeconds, name: "durationSeconds", parent: name, max: 43200)
            try self.validate(self.durationSeconds, name: "durationSeconds", parent: name, min: 900)
            try self.validate(self.target, name: "target", parent: name, max: 2000)
            try self.validate(self.target, name: "target", parent: name, min: 1)
            try self.validate(self.target, name: "target", parent: name, pattern: "^.+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetDataAccessResult: AWSDecodableShape {
        /// The temporary credential token that S3 Access Grants vends.
        public let credentials: Credentials?
        /// The user, group, or role that was granted access to the S3 location scope. For directory identities, this API also returns the grants of the IAM role used for the identity-aware request. For more information on identity-aware sessions, see Granting permissions to use identity-aware console sessions.
        public let grantee: Grantee?
        /// The S3 URI path of the data to which you are being granted temporary access credentials.
        public let matchedGrantTarget: String?

        @inlinable
        public init(credentials: Credentials? = nil, grantee: Grantee? = nil, matchedGrantTarget: String? = nil) {
            self.credentials = credentials
            self.grantee = grantee
            self.matchedGrantTarget = matchedGrantTarget
        }

        private enum CodingKeys: String, CodingKey {
            case credentials = "Credentials"
            case grantee = "Grantee"
            case matchedGrantTarget = "MatchedGrantTarget"
        }
    }

    public struct GetJobTaggingRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID associated with the S3 Batch Operations job.
        public let accountId: String
        /// The ID for the S3 Batch Operations job whose tags you want to retrieve.
        public let jobId: String

        @inlinable
        public init(accountId: String, jobId: String) {
            self.accountId = accountId
            self.jobId = jobId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.jobId, key: "JobId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.jobId, name: "jobId", parent: name, max: 36)
            try self.validate(self.jobId, name: "jobId", parent: name, min: 5)
            try self.validate(self.jobId, name: "jobId", parent: name, pattern: "^[a-zA-Z0-9\\-\\_]+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetJobTaggingResult: AWSDecodableShape {
        /// The set of tags associated with the S3 Batch Operations job.
        @OptionalCustomCoding<StandardArrayCoder<S3Tag>>
        public var tags: [S3Tag]?

        @inlinable
        public init(tags: [S3Tag]? = nil) {
            self.tags = tags
        }

        private enum CodingKeys: String, CodingKey {
            case tags = "Tags"
        }
    }

    public struct GetMultiRegionAccessPointPolicyRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
        public let accountId: String
        /// Specifies the Multi-Region Access Point. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see Rules for naming Amazon S3 Multi-Region Access Points in the Amazon S3 User Guide.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 50)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetMultiRegionAccessPointPolicyResult: AWSDecodableShape {
        /// The policy associated with the specified Multi-Region Access Point.
        public let policy: MultiRegionAccessPointPolicyDocument?

        @inlinable
        public init(policy: MultiRegionAccessPointPolicyDocument? = nil) {
            self.policy = policy
        }

        private enum CodingKeys: String, CodingKey {
            case policy = "Policy"
        }
    }

    public struct GetMultiRegionAccessPointPolicyStatusRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
        public let accountId: String
        /// Specifies the Multi-Region Access Point. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see Rules for naming Amazon S3 Multi-Region Access Points in the Amazon S3 User Guide.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 50)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetMultiRegionAccessPointPolicyStatusResult: AWSDecodableShape {
        public let established: PolicyStatus?

        @inlinable
        public init(established: PolicyStatus? = nil) {
            self.established = established
        }

        private enum CodingKeys: String, CodingKey {
            case established = "Established"
        }
    }

    public struct GetMultiRegionAccessPointRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
        public let accountId: String
        /// The name of the Multi-Region Access Point whose configuration information you want to receive. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see Rules for naming Amazon S3 Multi-Region Access Points in the Amazon S3 User Guide.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 50)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetMultiRegionAccessPointResult: AWSDecodableShape {
        /// A container element containing the details of the requested Multi-Region Access Point.
        public let accessPoint: MultiRegionAccessPointReport?

        @inlinable
        public init(accessPoint: MultiRegionAccessPointReport? = nil) {
            self.accessPoint = accessPoint
        }

        private enum CodingKeys: String, CodingKey {
            case accessPoint = "AccessPoint"
        }
    }

    public struct GetMultiRegionAccessPointRoutesRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
        public let accountId: String
        /// The Multi-Region Access Point ARN.
        public let mrap: String

        @inlinable
        public init(accountId: String, mrap: String) {
            self.accountId = accountId
            self.mrap = mrap
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.mrap, key: "Mrap")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.mrap, name: "mrap", parent: name, max: 200)
            try self.validate(self.mrap, name: "mrap", parent: name, pattern: "^[a-zA-Z0-9\\:.-]{3,200}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetMultiRegionAccessPointRoutesResult: AWSDecodableShape {
        public struct _RoutesEncoding: ArrayCoderProperties { public static let member = "Route" }

        /// The Multi-Region Access Point ARN.
        public let mrap: String?
        /// The different routes that make up the route configuration. Active routes return a value of 100, and passive routes return a value of 0.
        @OptionalCustomCoding<ArrayCoder<_RoutesEncoding, MultiRegionAccessPointRoute>>
        public var routes: [MultiRegionAccessPointRoute]?

        @inlinable
        public init(mrap: String? = nil, routes: [MultiRegionAccessPointRoute]? = nil) {
            self.mrap = mrap
            self.routes = routes
        }

        private enum CodingKeys: String, CodingKey {
            case mrap = "Mrap"
            case routes = "Routes"
        }
    }

    public struct GetPublicAccessBlockOutput: AWSDecodableShape {
        /// The PublicAccessBlock configuration currently in effect for this Amazon Web Services account.
        public let publicAccessBlockConfiguration: PublicAccessBlockConfiguration

        @inlinable
        public init(publicAccessBlockConfiguration: PublicAccessBlockConfiguration) {
            self.publicAccessBlockConfiguration = publicAccessBlockConfiguration
        }

        public init(from decoder: Decoder) throws {
            let container = try decoder.singleValueContainer()
            self.publicAccessBlockConfiguration = try container.decode(PublicAccessBlockConfiguration.self)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetPublicAccessBlockRequest: AWSEncodableShape {
        /// The account ID for the Amazon Web Services account whose PublicAccessBlock configuration you want to retrieve.
        public let accountId: String

        @inlinable
        public init(accountId: String) {
            self.accountId = accountId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetStorageLensConfigurationRequest: AWSEncodableShape {
        /// The account ID of the requester.
        public let accountId: String
        /// The ID of the Amazon S3 Storage Lens configuration.
        public let configId: String

        @inlinable
        public init(accountId: String, configId: String) {
            self.accountId = accountId
            self.configId = configId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.configId, key: "ConfigId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.configId, name: "configId", parent: name, max: 64)
            try self.validate(self.configId, name: "configId", parent: name, min: 1)
            try self.validate(self.configId, name: "configId", parent: name, pattern: "^[a-zA-Z0-9\\-\\_\\.]+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetStorageLensConfigurationResult: AWSDecodableShape {
        /// The S3 Storage Lens configuration requested.
        public let storageLensConfiguration: StorageLensConfiguration

        @inlinable
        public init(storageLensConfiguration: StorageLensConfiguration) {
            self.storageLensConfiguration = storageLensConfiguration
        }

        public init(from decoder: Decoder) throws {
            let container = try decoder.singleValueContainer()
            self.storageLensConfiguration = try container.decode(StorageLensConfiguration.self)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetStorageLensConfigurationTaggingRequest: AWSEncodableShape {
        /// The account ID of the requester.
        public let accountId: String
        /// The ID of the Amazon S3 Storage Lens configuration.
        public let configId: String

        @inlinable
        public init(accountId: String, configId: String) {
            self.accountId = accountId
            self.configId = configId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.configId, key: "ConfigId")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.configId, name: "configId", parent: name, max: 64)
            try self.validate(self.configId, name: "configId", parent: name, min: 1)
            try self.validate(self.configId, name: "configId", parent: name, pattern: "^[a-zA-Z0-9\\-\\_\\.]+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetStorageLensConfigurationTaggingResult: AWSDecodableShape {
        public struct _TagsEncoding: ArrayCoderProperties { public static let member = "Tag" }

        /// The tags of S3 Storage Lens configuration requested.
        @OptionalCustomCoding<ArrayCoder<_TagsEncoding, StorageLensTag>>
        public var tags: [StorageLensTag]?

        @inlinable
        public init(tags: [StorageLensTag]? = nil) {
            self.tags = tags
        }

        private enum CodingKeys: String, CodingKey {
            case tags = "Tags"
        }
    }

    public struct GetStorageLensGroupRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID associated with the Storage Lens group that you're trying to retrieve the details for.
        public let accountId: String
        /// The name of the Storage Lens group that you're trying to retrieve the configuration details for.
        public let name: String

        @inlinable
        public init(accountId: String, name: String) {
            self.accountId = accountId
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-zA-Z0-9\\-\\_]+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct GetStorageLensGroupResult: AWSDecodableShape {
        /// The name of the Storage Lens group that you're trying to retrieve the configuration details for.
        public let storageLensGroup: StorageLensGroup

        @inlinable
        public init(storageLensGroup: StorageLensGroup) {
            self.storageLensGroup = storageLensGroup
        }

        public init(from decoder: Decoder) throws {
            let container = try decoder.singleValueContainer()
            self.storageLensGroup = try container.decode(StorageLensGroup.self)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct Grantee: AWSEncodableShape & AWSDecodableShape {
        /// The unique identifier of the Grantee. If the grantee type is IAM, the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format a1b2c3d4-5678-90ab-cdef-EXAMPLE11111. You can obtain this UUID from your Amazon Web Services IAM Identity Center instance.
        public let granteeIdentifier: String?
        /// The type of the grantee to which access has been granted. It can be one of the following values:    IAM - An IAM user or role.    DIRECTORY_USER - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.    DIRECTORY_GROUP - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.
        public let granteeType: GranteeType?

        @inlinable
        public init(granteeIdentifier: String? = nil, granteeType: GranteeType? = nil) {
            self.granteeIdentifier = granteeIdentifier
            self.granteeType = granteeType
        }

        private enum CodingKeys: String, CodingKey {
            case granteeIdentifier = "GranteeIdentifier"
            case granteeType = "GranteeType"
        }
    }

    public struct Include: AWSEncodableShape & AWSDecodableShape {
        public struct _BucketsEncoding: ArrayCoderProperties { public static let member = "Arn" }
        public struct _RegionsEncoding: ArrayCoderProperties { public static let member = "Region" }

        /// A container for the S3 Storage Lens bucket includes.
        @OptionalCustomCoding<ArrayCoder<_BucketsEncoding, String>>
        public var buckets: [String]?
        /// A container for the S3 Storage Lens Region includes.
        @OptionalCustomCoding<ArrayCoder<_RegionsEncoding, String>>
        public var regions: [String]?

        @inlinable
        public init(buckets: [String]? = nil, regions: [String]? = nil) {
            self.buckets = buckets
            self.regions = regions
        }

        public func validate(name: String) throws {
            try self.buckets?.forEach {
                try validate($0, name: "buckets[]", parent: name, max: 128)
                try validate($0, name: "buckets[]", parent: name, min: 1)
                try validate($0, name: "buckets[]", parent: name, pattern: "^arn:[^:]+:s3:")
            }
            try self.regions?.forEach {
                try validate($0, name: "regions[]", parent: name, max: 30)
                try validate($0, name: "regions[]", parent: name, min: 5)
                try validate($0, name: "regions[]", parent: name, pattern: "^[a-z0-9\\-]+$")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case buckets = "Buckets"
            case regions = "Regions"
        }
    }

    public struct JobDescriptor: AWSDecodableShape {
        /// Indicates whether confirmation is required before Amazon S3 begins running the specified job. Confirmation is required only for jobs created through the Amazon S3 console.
        public let confirmationRequired: Bool?
        /// A timestamp indicating when this job was created.
        public let creationTime: Date?
        /// The description for this job, if one was provided in this job's Create Job request.
        public let description: String?
        /// If the specified job failed, this field contains information describing the failure.
        @OptionalCustomCoding<StandardArrayCoder<JobFailure>>
        public var failureReasons: [JobFailure]?
        /// The attribute of the JobDescriptor containing details about the job's generated manifest.
        public let generatedManifestDescriptor: S3GeneratedManifestDescriptor?
        /// The Amazon Resource Name (ARN) for this job.
        public let jobArn: String?
        /// The ID for the specified job.
        public let jobId: String?
        /// The configuration information for the specified job's manifest object.
        public let manifest: JobManifest?
        /// The manifest generator that was used to generate a job manifest for this job.
        public let manifestGenerator: JobManifestGenerator?
        /// The operation that the specified job is configured to run on the objects listed in the manifest.
        public let operation: JobOperation?
        /// The priority of the specified job.
        public let priority: Int?
        /// Describes the total number of tasks that the specified job has run, the number of tasks that succeeded, and the number of tasks that failed.
        public let progressSummary: JobProgressSummary?
        /// Contains the configuration information for the job-completion report if you requested one in the Create Job request.
        public let report: JobReport?
        /// The Amazon Resource Name (ARN) for the Identity and Access Management (IAM) role assigned to run the tasks for this job.
        public let roleArn: String?
        /// The current status of the specified job.
        public let status: JobStatus?
        /// The reason for updating the job.
        public let statusUpdateReason: String?
        /// The reason why the specified job was suspended. A job is only suspended if you create it through the Amazon S3 console. When you create the job, it enters the Suspended state to await confirmation before running. After you confirm the job, it automatically exits the Suspended state.
        public let suspendedCause: String?
        /// The timestamp when this job was suspended, if it has been suspended.
        public let suspendedDate: Date?
        /// A timestamp indicating when this job terminated. A job's termination date is the date and time when it succeeded, failed, or was canceled.
        public let terminationDate: Date?

        @inlinable
        public init(confirmationRequired: Bool? = nil, creationTime: Date? = nil, description: String? = nil, failureReasons: [JobFailure]? = nil, generatedManifestDescriptor: S3GeneratedManifestDescriptor? = nil, jobArn: String? = nil, jobId: String? = nil, manifest: JobManifest? = nil, manifestGenerator: JobManifestGenerator? = nil, operation: JobOperation? = nil, priority: Int? = nil, progressSummary: JobProgressSummary? = nil, report: JobReport? = nil, roleArn: String? = nil, status: JobStatus? = nil, statusUpdateReason: String? = nil, suspendedCause: String? = nil, suspendedDate: Date? = nil, terminationDate: Date? = nil) {
            self.confirmationRequired = confirmationRequired
            self.creationTime = creationTime
            self.description = description
            self.failureReasons = failureReasons
            self.generatedManifestDescriptor = generatedManifestDescriptor
            self.jobArn = jobArn
            self.jobId = jobId
            self.manifest = manifest
            self.manifestGenerator = manifestGenerator
            self.operation = operation
            self.priority = priority
            self.progressSummary = progressSummary
            self.report = report
            self.roleArn = roleArn
            self.status = status
            self.statusUpdateReason = statusUpdateReason
            self.suspendedCause = suspendedCause
            self.suspendedDate = suspendedDate
            self.terminationDate = terminationDate
        }

        private enum CodingKeys: String, CodingKey {
            case confirmationRequired = "ConfirmationRequired"
            case creationTime = "CreationTime"
            case description = "Description"
            case failureReasons = "FailureReasons"
            case generatedManifestDescriptor = "GeneratedManifestDescriptor"
            case jobArn = "JobArn"
            case jobId = "JobId"
            case manifest = "Manifest"
            case manifestGenerator = "ManifestGenerator"
            case operation = "Operation"
            case priority = "Priority"
            case progressSummary = "ProgressSummary"
            case report = "Report"
            case roleArn = "RoleArn"
            case status = "Status"
            case statusUpdateReason = "StatusUpdateReason"
            case suspendedCause = "SuspendedCause"
            case suspendedDate = "SuspendedDate"
            case terminationDate = "TerminationDate"
        }
    }

    public struct JobFailure: AWSDecodableShape {
        /// The failure code, if any, for the specified job.
        public let failureCode: String?
        /// The failure reason, if any, for the specified job.
        public let failureReason: String?

        @inlinable
        public init(failureCode: String? = nil, failureReason: String? = nil) {
            self.failureCode = failureCode
            self.failureReason = failureReason
        }

        private enum CodingKeys: String, CodingKey {
            case failureCode = "FailureCode"
            case failureReason = "FailureReason"
        }
    }

    public struct JobListDescriptor: AWSDecodableShape {
        /// A timestamp indicating when the specified job was created.
        public let creationTime: Date?
        /// The user-specified description that was included in the specified job's Create Job request.
        public let description: String?
        /// The ID for the specified job.
        public let jobId: String?
        /// The operation that the specified job is configured to run on every object listed in the manifest.
        public let operation: OperationName?
        /// The current priority for the specified job.
        public let priority: Int?
        /// Describes the total number of tasks that the specified job has run, the number of tasks that succeeded, and the number of tasks that failed.
        public let progressSummary: JobProgressSummary?
        /// The specified job's current status.
        public let status: JobStatus?
        /// A timestamp indicating when the specified job terminated. A job's termination date is the date and time when it succeeded, failed, or was canceled.
        public let terminationDate: Date?

        @inlinable
        public init(creationTime: Date? = nil, description: String? = nil, jobId: String? = nil, operation: OperationName? = nil, priority: Int? = nil, progressSummary: JobProgressSummary? = nil, status: JobStatus? = nil, terminationDate: Date? = nil) {
            self.creationTime = creationTime
            self.description = description
            self.jobId = jobId
            self.operation = operation
            self.priority = priority
            self.progressSummary = progressSummary
            self.status = status
            self.terminationDate = terminationDate
        }

        private enum CodingKeys: String, CodingKey {
            case creationTime = "CreationTime"
            case description = "Description"
            case jobId = "JobId"
            case operation = "Operation"
            case priority = "Priority"
            case progressSummary = "ProgressSummary"
            case status = "Status"
            case terminationDate = "TerminationDate"
        }
    }

    public struct JobManifest: AWSEncodableShape & AWSDecodableShape {
        /// Contains the information required to locate the specified job's manifest. Manifests can't be imported from directory buckets. For more information, see Directory buckets.
        public let location: JobManifestLocation
        /// Describes the format of the specified job's manifest. If the manifest is in CSV format, also describes the columns contained within the manifest.
        public let spec: JobManifestSpec

        @inlinable
        public init(location: JobManifestLocation, spec: JobManifestSpec) {
            self.location = location
            self.spec = spec
        }

        public func validate(name: String) throws {
            try self.location.validate(name: "\(name).location")
        }

        private enum CodingKeys: String, CodingKey {
            case location = "Location"
            case spec = "Spec"
        }
    }

    public struct JobManifestGeneratorFilter: AWSEncodableShape & AWSDecodableShape {
        /// If provided, the generated manifest includes only source bucket objects that were created after this time.
        public let createdAfter: Date?
        /// If provided, the generated manifest includes only source bucket objects that were created before this time.
        public let createdBefore: Date?
        /// Include objects in the generated manifest only if they are eligible for replication according to the Replication configuration on the source bucket.
        public let eligibleForReplication: Bool?
        /// If provided, the generated manifest includes only source bucket objects whose object keys match the string constraints specified for MatchAnyPrefix, MatchAnySuffix, and MatchAnySubstring.
        public let keyNameConstraint: KeyNameConstraint?
        /// If provided, the generated manifest includes only source bucket objects that are stored with the specified storage class.
        @OptionalCustomCoding<StandardArrayCoder<S3StorageClass>>
        public var matchAnyStorageClass: [S3StorageClass]?
        /// If provided, the generated manifest includes only source bucket objects that have one of the specified Replication statuses.
        @OptionalCustomCoding<StandardArrayCoder<ReplicationStatus>>
        public var objectReplicationStatuses: [ReplicationStatus]?
        /// If provided, the generated manifest includes only source bucket objects whose file size is greater than the specified number of bytes.
        public let objectSizeGreaterThanBytes: Int64?
        /// If provided, the generated manifest includes only source bucket objects whose file size is less than the specified number of bytes.
        public let objectSizeLessThanBytes: Int64?

        @inlinable
        public init(createdAfter: Date? = nil, createdBefore: Date? = nil, eligibleForReplication: Bool? = nil, keyNameConstraint: KeyNameConstraint? = nil, matchAnyStorageClass: [S3StorageClass]? = nil, objectReplicationStatuses: [ReplicationStatus]? = nil, objectSizeGreaterThanBytes: Int64? = nil, objectSizeLessThanBytes: Int64? = nil) {
            self.createdAfter = createdAfter
            self.createdBefore = createdBefore
            self.eligibleForReplication = eligibleForReplication
            self.keyNameConstraint = keyNameConstraint
            self.matchAnyStorageClass = matchAnyStorageClass
            self.objectReplicationStatuses = objectReplicationStatuses
            self.objectSizeGreaterThanBytes = objectSizeGreaterThanBytes
            self.objectSizeLessThanBytes = objectSizeLessThanBytes
        }

        public func validate(name: String) throws {
            try self.keyNameConstraint?.validate(name: "\(name).keyNameConstraint")
        }

        private enum CodingKeys: String, CodingKey {
            case createdAfter = "CreatedAfter"
            case createdBefore = "CreatedBefore"
            case eligibleForReplication = "EligibleForReplication"
            case keyNameConstraint = "KeyNameConstraint"
            case matchAnyStorageClass = "MatchAnyStorageClass"
            case objectReplicationStatuses = "ObjectReplicationStatuses"
            case objectSizeGreaterThanBytes = "ObjectSizeGreaterThanBytes"
            case objectSizeLessThanBytes = "ObjectSizeLessThanBytes"
        }
    }

    public struct JobManifestLocation: AWSEncodableShape & AWSDecodableShape {
        /// The ETag for the specified manifest object.
        public let eTag: String
        /// The Amazon Resource Name (ARN) for a manifest object.  When you're using XML requests, you must
        /// replace special characters (such as carriage returns) in object keys with their equivalent XML entity codes.
        /// For more information, see  XML-related object key constraints in the Amazon S3 User Guide.
        public let objectArn: String
        /// The optional version ID to identify a specific version of the manifest object.
        public let objectVersionId: String?

        @inlinable
        public init(eTag: String, objectArn: String, objectVersionId: String? = nil) {
            self.eTag = eTag
            self.objectArn = objectArn
            self.objectVersionId = objectVersionId
        }

        public func validate(name: String) throws {
            try self.validate(self.eTag, name: "eTag", parent: name, max: 1024)
            try self.validate(self.eTag, name: "eTag", parent: name, min: 1)
            try self.validate(self.objectArn, name: "objectArn", parent: name, max: 2000)
            try self.validate(self.objectArn, name: "objectArn", parent: name, min: 1)
            try self.validate(self.objectArn, name: "objectArn", parent: name, pattern: "^arn:[^:]+:s3:")
            try self.validate(self.objectVersionId, name: "objectVersionId", parent: name, max: 2000)
            try self.validate(self.objectVersionId, name: "objectVersionId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case eTag = "ETag"
            case objectArn = "ObjectArn"
            case objectVersionId = "ObjectVersionId"
        }
    }

    public struct JobManifestSpec: AWSEncodableShape & AWSDecodableShape {
        /// If the specified manifest object is in the S3BatchOperations_CSV_20180820 format, this element describes which columns contain the required data.
        @OptionalCustomCoding<StandardArrayCoder<JobManifestFieldName>>
        public var fields: [JobManifestFieldName]?
        /// Indicates which of the available formats the specified manifest uses.
        public let format: JobManifestFormat

        @inlinable
        public init(fields: [JobManifestFieldName]? = nil, format: JobManifestFormat) {
            self.fields = fields
            self.format = format
        }

        private enum CodingKeys: String, CodingKey {
            case fields = "Fields"
            case format = "Format"
        }
    }

    public struct JobOperation: AWSEncodableShape & AWSDecodableShape {
        /// Directs the specified job to invoke an Lambda function on every object in the manifest.
        public let lambdaInvoke: LambdaInvokeOperation?
        /// Directs the specified job to execute a DELETE Object tagging call on every object in the manifest.  This functionality is not supported by directory buckets.
        public let s3DeleteObjectTagging: S3DeleteObjectTaggingOperation?
        /// Directs the specified job to initiate restore requests for every archived object in the manifest.  This functionality is not supported by directory buckets.
        public let s3InitiateRestoreObject: S3InitiateRestoreObjectOperation?
        /// Directs the specified job to run a PutObjectAcl call on every object in the manifest.  This functionality is not supported by directory buckets.
        public let s3PutObjectAcl: S3SetObjectAclOperation?
        /// Directs the specified job to run a PUT Copy object call on every object in the manifest.
        public let s3PutObjectCopy: S3CopyObjectOperation?
        public let s3PutObjectLegalHold: S3SetObjectLegalHoldOperation?
        public let s3PutObjectRetention: S3SetObjectRetentionOperation?
        /// Directs the specified job to run a PUT Object tagging call on every object in the manifest.  This functionality is not supported by directory buckets.
        public let s3PutObjectTagging: S3SetObjectTaggingOperation?
        /// Directs the specified job to invoke ReplicateObject on every object in the job's manifest.  This functionality is not supported by directory buckets.
        public let s3ReplicateObject: S3ReplicateObjectOperation?

        @inlinable
        public init(lambdaInvoke: LambdaInvokeOperation? = nil, s3DeleteObjectTagging: S3DeleteObjectTaggingOperation? = nil, s3InitiateRestoreObject: S3InitiateRestoreObjectOperation? = nil, s3PutObjectAcl: S3SetObjectAclOperation? = nil, s3PutObjectCopy: S3CopyObjectOperation? = nil, s3PutObjectLegalHold: S3SetObjectLegalHoldOperation? = nil, s3PutObjectRetention: S3SetObjectRetentionOperation? = nil, s3PutObjectTagging: S3SetObjectTaggingOperation? = nil, s3ReplicateObject: S3ReplicateObjectOperation? = nil) {
            self.lambdaInvoke = lambdaInvoke
            self.s3DeleteObjectTagging = s3DeleteObjectTagging
            self.s3InitiateRestoreObject = s3InitiateRestoreObject
            self.s3PutObjectAcl = s3PutObjectAcl
            self.s3PutObjectCopy = s3PutObjectCopy
            self.s3PutObjectLegalHold = s3PutObjectLegalHold
            self.s3PutObjectRetention = s3PutObjectRetention
            self.s3PutObjectTagging = s3PutObjectTagging
            self.s3ReplicateObject = s3ReplicateObject
        }

        public func validate(name: String) throws {
            try self.lambdaInvoke?.validate(name: "\(name).lambdaInvoke")
            try self.s3InitiateRestoreObject?.validate(name: "\(name).s3InitiateRestoreObject")
            try self.s3PutObjectAcl?.validate(name: "\(name).s3PutObjectAcl")
            try self.s3PutObjectCopy?.validate(name: "\(name).s3PutObjectCopy")
            try self.s3PutObjectTagging?.validate(name: "\(name).s3PutObjectTagging")
        }

        private enum CodingKeys: String, CodingKey {
            case lambdaInvoke = "LambdaInvoke"
            case s3DeleteObjectTagging = "S3DeleteObjectTagging"
            case s3InitiateRestoreObject = "S3InitiateRestoreObject"
            case s3PutObjectAcl = "S3PutObjectAcl"
            case s3PutObjectCopy = "S3PutObjectCopy"
            case s3PutObjectLegalHold = "S3PutObjectLegalHold"
            case s3PutObjectRetention = "S3PutObjectRetention"
            case s3PutObjectTagging = "S3PutObjectTagging"
            case s3ReplicateObject = "S3ReplicateObject"
        }
    }

    public struct JobProgressSummary: AWSDecodableShape {
        public let numberOfTasksFailed: Int64?
        public let numberOfTasksSucceeded: Int64?
        /// The JobTimers attribute of a job's progress summary.
        public let timers: JobTimers?
        public let totalNumberOfTasks: Int64?

        @inlinable
        public init(numberOfTasksFailed: Int64? = nil, numberOfTasksSucceeded: Int64? = nil, timers: JobTimers? = nil, totalNumberOfTasks: Int64? = nil) {
            self.numberOfTasksFailed = numberOfTasksFailed
            self.numberOfTasksSucceeded = numberOfTasksSucceeded
            self.timers = timers
            self.totalNumberOfTasks = totalNumberOfTasks
        }

        private enum CodingKeys: String, CodingKey {
            case numberOfTasksFailed = "NumberOfTasksFailed"
            case numberOfTasksSucceeded = "NumberOfTasksSucceeded"
            case timers = "Timers"
            case totalNumberOfTasks = "TotalNumberOfTasks"
        }
    }

    public struct JobReport: AWSEncodableShape & AWSDecodableShape {
        /// The Amazon Resource Name (ARN) for the bucket where specified job-completion report will be stored.   Directory buckets - Directory buckets aren't supported  as a location for Batch Operations to store job completion reports.
        public let bucket: String?
        /// Indicates whether the specified job will generate a job-completion report.
        public let enabled: Bool
        /// The format of the specified job-completion report.
        public let format: JobReportFormat?
        /// An optional prefix to describe where in the specified bucket the job-completion report will be stored. Amazon S3 stores the job-completion report at /job-/report.json.
        public let prefix: String?
        /// Indicates whether the job-completion report will include details of all tasks or only failed tasks.
        public let reportScope: JobReportScope?

        @inlinable
        public init(bucket: String? = nil, enabled: Bool, format: JobReportFormat? = nil, prefix: String? = nil, reportScope: JobReportScope? = nil) {
            self.bucket = bucket
            self.enabled = enabled
            self.format = format
            self.prefix = prefix
            self.reportScope = reportScope
        }

        public func validate(name: String) throws {
            try self.validate(self.bucket, name: "bucket", parent: name, max: 128)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 1)
            try self.validate(self.bucket, name: "bucket", parent: name, pattern: "^arn:[^:]+:s3:")
            try self.validate(self.prefix, name: "prefix", parent: name, max: 512)
            try self.validate(self.prefix, name: "prefix", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case bucket = "Bucket"
            case enabled = "Enabled"
            case format = "Format"
            case prefix = "Prefix"
            case reportScope = "ReportScope"
        }
    }

    public struct JobTimers: AWSDecodableShape {
        /// Indicates the elapsed time in seconds the job has been in the Active job state.
        public let elapsedTimeInActiveSeconds: Int64?

        @inlinable
        public init(elapsedTimeInActiveSeconds: Int64? = nil) {
            self.elapsedTimeInActiveSeconds = elapsedTimeInActiveSeconds
        }

        private enum CodingKeys: String, CodingKey {
            case elapsedTimeInActiveSeconds = "ElapsedTimeInActiveSeconds"
        }
    }

    public struct KeyNameConstraint: AWSEncodableShape & AWSDecodableShape {
        /// If provided, the generated manifest includes objects where the specified string appears at the start of the object key string. Each KeyNameConstraint filter accepts an array of strings with a length of 1 string.
        @OptionalCustomCoding<StandardArrayCoder<String>>
        public var matchAnyPrefix: [String]?
        /// If provided, the generated manifest includes objects where the specified string appears anywhere within the object key string. Each KeyNameConstraint filter accepts an array of strings with a length of 1 string.
        @OptionalCustomCoding<StandardArrayCoder<String>>
        public var matchAnySubstring: [String]?
        /// If provided, the generated manifest includes objects where the specified string appears at the end of the object key string. Each KeyNameConstraint filter accepts an array of strings with a length of 1 string.
        @OptionalCustomCoding<StandardArrayCoder<String>>
        public var matchAnySuffix: [String]?

        @inlinable
        public init(matchAnyPrefix: [String]? = nil, matchAnySubstring: [String]? = nil, matchAnySuffix: [String]? = nil) {
            self.matchAnyPrefix = matchAnyPrefix
            self.matchAnySubstring = matchAnySubstring
            self.matchAnySuffix = matchAnySuffix
        }

        public func validate(name: String) throws {
            try self.matchAnyPrefix?.forEach {
                try validate($0, name: "matchAnyPrefix[]", parent: name, max: 1024)
                try validate($0, name: "matchAnyPrefix[]", parent: name, min: 1)
            }
            try self.matchAnySubstring?.forEach {
                try validate($0, name: "matchAnySubstring[]", parent: name, max: 1024)
                try validate($0, name: "matchAnySubstring[]", parent: name, min: 1)
            }
            try self.matchAnySuffix?.forEach {
                try validate($0, name: "matchAnySuffix[]", parent: name, max: 1024)
                try validate($0, name: "matchAnySuffix[]", parent: name, min: 1)
            }
        }

        private enum CodingKeys: String, CodingKey {
            case matchAnyPrefix = "MatchAnyPrefix"
            case matchAnySubstring = "MatchAnySubstring"
            case matchAnySuffix = "MatchAnySuffix"
        }
    }

    public struct LambdaInvokeOperation: AWSEncodableShape & AWSDecodableShape {
        /// The Amazon Resource Name (ARN) for the Lambda function that the specified job will invoke on every object in the manifest.
        public let functionArn: String?
        /// Specifies the schema version for the payload that Batch Operations sends when invoking an Lambda function. Version 1.0 is the default. Version 2.0 is required when you use Batch Operations to invoke Lambda functions that act on directory buckets, or if you need to specify UserArguments. For more information, see Automate object processing in Amazon S3 directory buckets with S3 Batch Operations and Lambda in the Amazon Web Services Storage Blog.  Ensure that your Lambda function code expects InvocationSchemaVersion 2.0 and uses bucket name rather than bucket ARN. If the InvocationSchemaVersion does not match what your Lambda function expects, your function might not work as expected.    Directory buckets - To initiate Amazon Web Services Lambda function to perform custom actions on objects in directory buckets, you must specify 2.0.
        public let invocationSchemaVersion: String?
        /// Key-value pairs that are passed in the payload that Batch Operations sends when invoking an Lambda function. You must specify InvocationSchemaVersion 2.0 for LambdaInvoke operations that include UserArguments. For more information, see Automate object processing in Amazon S3 directory buckets with S3 Batch Operations and Lambda in the Amazon Web Services Storage Blog.
        @OptionalCustomCoding<StandardDictionaryCoder<String, String>>
        public var userArguments: [String: String]?

        @inlinable
        public init(functionArn: String? = nil, invocationSchemaVersion: String? = nil, userArguments: [String: String]? = nil) {
            self.functionArn = functionArn
            self.invocationSchemaVersion = invocationSchemaVersion
            self.userArguments = userArguments
        }

        public func validate(name: String) throws {
            try self.validate(self.functionArn, name: "functionArn", parent: name, max: 1024)
            try self.validate(self.functionArn, name: "functionArn", parent: name, min: 1)
            try self.validate(self.functionArn, name: "functionArn", parent: name, pattern: "^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?$")
            try self.validate(self.invocationSchemaVersion, name: "invocationSchemaVersion", parent: name, max: 64)
            try self.validate(self.invocationSchemaVersion, name: "invocationSchemaVersion", parent: name, min: 1)
            try self.userArguments?.forEach {
                try validate($0.key, name: "userArguments.key", parent: name, max: 64)
                try validate($0.key, name: "userArguments.key", parent: name, min: 1)
                try validate($0.value, name: "userArguments[\"\($0.key)\"]", parent: name, max: 1024)
            }
            try self.validate(self.userArguments, name: "userArguments", parent: name, max: 10)
            try self.validate(self.userArguments, name: "userArguments", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case functionArn = "FunctionArn"
            case invocationSchemaVersion = "InvocationSchemaVersion"
            case userArguments = "UserArguments"
        }
    }

    public struct LifecycleConfiguration: AWSEncodableShape {
        public struct _RulesEncoding: ArrayCoderProperties { public static let member = "Rule" }

        /// A lifecycle rule for individual objects in an Outposts bucket.
        @OptionalCustomCoding<ArrayCoder<_RulesEncoding, LifecycleRule>>
        public var rules: [LifecycleRule]?

        @inlinable
        public init(rules: [LifecycleRule]? = nil) {
            self.rules = rules
        }

        public func validate(name: String) throws {
            try self.rules?.forEach {
                try $0.validate(name: "\(name).rules[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case rules = "Rules"
        }
    }

    public struct LifecycleExpiration: AWSEncodableShape & AWSDecodableShape {
        /// Indicates at what date the object is to be deleted. Should be in GMT ISO 8601 format.
        public let date: Date?
        /// Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.
        public let days: Int?
        /// Indicates whether Amazon S3 will remove a delete marker with no noncurrent versions. If set to true, the delete marker will be expired. If set to false, the policy takes no action. This cannot be specified with Days or Date in a Lifecycle Expiration Policy. To learn more about delete markers, see Working with delete markers.
        public let expiredObjectDeleteMarker: Bool?

        @inlinable
        public init(date: Date? = nil, days: Int? = nil, expiredObjectDeleteMarker: Bool? = nil) {
            self.date = date
            self.days = days
            self.expiredObjectDeleteMarker = expiredObjectDeleteMarker
        }

        private enum CodingKeys: String, CodingKey {
            case date = "Date"
            case days = "Days"
            case expiredObjectDeleteMarker = "ExpiredObjectDeleteMarker"
        }
    }

    public struct LifecycleRule: AWSEncodableShape & AWSDecodableShape {
        public struct _NoncurrentVersionTransitionsEncoding: ArrayCoderProperties { public static let member = "NoncurrentVersionTransition" }
        public struct _TransitionsEncoding: ArrayCoderProperties { public static let member = "Transition" }

        /// Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 waits before permanently removing all parts of the upload. For more information, see  Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Configuration in the Amazon S3 User Guide.
        public let abortIncompleteMultipartUpload: AbortIncompleteMultipartUpload?
        /// Specifies the expiration for the lifecycle of the object in the form of date, days and, whether the object has a delete marker.
        public let expiration: LifecycleExpiration?
        /// The container for the filter of lifecycle rule.
        public let filter: LifecycleRuleFilter?
        /// Unique identifier for the rule. The value cannot be longer than 255 characters.
        public let id: String?
        /// The noncurrent version expiration of the lifecycle rule.
        public let noncurrentVersionExpiration: NoncurrentVersionExpiration?
        ///  Specifies the transition rule for the lifecycle rule that describes when noncurrent objects transition to a specific storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to a specific storage class at a set period in the object's lifetime.   This is not supported by Amazon S3 on Outposts buckets.
        @OptionalCustomCoding<ArrayCoder<_NoncurrentVersionTransitionsEncoding, NoncurrentVersionTransition>>
        public var noncurrentVersionTransitions: [NoncurrentVersionTransition]?
        /// If 'Enabled', the rule is currently being applied. If 'Disabled', the rule is not currently being applied.
        public let status: ExpirationStatus
        /// Specifies when an Amazon S3 object transitions to a specified storage class.  This is not supported by Amazon S3 on Outposts buckets.
        @OptionalCustomCoding<ArrayCoder<_TransitionsEncoding, Transition>>
        public var transitions: [Transition]?

        @inlinable
        public init(abortIncompleteMultipartUpload: AbortIncompleteMultipartUpload? = nil, expiration: LifecycleExpiration? = nil, filter: LifecycleRuleFilter? = nil, id: String? = nil, noncurrentVersionExpiration: NoncurrentVersionExpiration? = nil, noncurrentVersionTransitions: [NoncurrentVersionTransition]? = nil, status: ExpirationStatus, transitions: [Transition]? = nil) {
            self.abortIncompleteMultipartUpload = abortIncompleteMultipartUpload
            self.expiration = expiration
            self.filter = filter
            self.id = id
            self.noncurrentVersionExpiration = noncurrentVersionExpiration
            self.noncurrentVersionTransitions = noncurrentVersionTransitions
            self.status = status
            self.transitions = transitions
        }

        public func validate(name: String) throws {
            try self.filter?.validate(name: "\(name).filter")
        }

        private enum CodingKeys: String, CodingKey {
            case abortIncompleteMultipartUpload = "AbortIncompleteMultipartUpload"
            case expiration = "Expiration"
            case filter = "Filter"
            case id = "ID"
            case noncurrentVersionExpiration = "NoncurrentVersionExpiration"
            case noncurrentVersionTransitions = "NoncurrentVersionTransitions"
            case status = "Status"
            case transitions = "Transitions"
        }
    }

    public struct LifecycleRuleAndOperator: AWSEncodableShape & AWSDecodableShape {
        /// The non-inclusive minimum object size for the lifecycle rule. Setting this property to 7 means the rule applies to objects with a size that is greater than 7.
        public let objectSizeGreaterThan: Int64?
        /// The non-inclusive maximum object size for the lifecycle rule. Setting this property to 77 means the rule applies to objects with a size that is less than 77.
        public let objectSizeLessThan: Int64?
        /// Prefix identifying one or more objects to which the rule applies.
        public let prefix: String?
        /// All of these tags must exist in the object's tag set in order for the rule to apply.
        @OptionalCustomCoding<StandardArrayCoder<S3Tag>>
        public var tags: [S3Tag]?

        @inlinable
        public init(objectSizeGreaterThan: Int64? = nil, objectSizeLessThan: Int64? = nil, prefix: String? = nil, tags: [S3Tag]? = nil) {
            self.objectSizeGreaterThan = objectSizeGreaterThan
            self.objectSizeLessThan = objectSizeLessThan
            self.prefix = prefix
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case objectSizeGreaterThan = "ObjectSizeGreaterThan"
            case objectSizeLessThan = "ObjectSizeLessThan"
            case prefix = "Prefix"
            case tags = "Tags"
        }
    }

    public struct LifecycleRuleFilter: AWSEncodableShape & AWSDecodableShape {
        /// The container for the AND condition for the lifecycle rule.
        public let and: LifecycleRuleAndOperator?
        /// Minimum object size to which the rule applies.
        public let objectSizeGreaterThan: Int64?
        /// Maximum object size to which the rule applies.
        public let objectSizeLessThan: Int64?
        /// Prefix identifying one or more objects to which the rule applies.  When you're using XML requests, you must
        /// replace special characters (such as carriage returns) in object keys with their equivalent XML entity codes.
        /// For more information, see  XML-related object key constraints in the Amazon S3 User Guide.
        public let prefix: String?
        public let tag: S3Tag?

        @inlinable
        public init(and: LifecycleRuleAndOperator? = nil, objectSizeGreaterThan: Int64? = nil, objectSizeLessThan: Int64? = nil, prefix: String? = nil, tag: S3Tag? = nil) {
            self.and = and
            self.objectSizeGreaterThan = objectSizeGreaterThan
            self.objectSizeLessThan = objectSizeLessThan
            self.prefix = prefix
            self.tag = tag
        }

        public func validate(name: String) throws {
            try self.and?.validate(name: "\(name).and")
            try self.tag?.validate(name: "\(name).tag")
        }

        private enum CodingKeys: String, CodingKey {
            case and = "And"
            case objectSizeGreaterThan = "ObjectSizeGreaterThan"
            case objectSizeLessThan = "ObjectSizeLessThan"
            case prefix = "Prefix"
            case tag = "Tag"
        }
    }

    public struct ListAccessGrantEntry: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the access grant.
        public let accessGrantArn: String?
        /// The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.
        public let accessGrantId: String?
        /// The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access.
        public let accessGrantsLocationConfiguration: AccessGrantsLocationConfiguration?
        /// The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.
        public let accessGrantsLocationId: String?
        /// The Amazon Resource Name (ARN) of an Amazon Web Services IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.
        public let applicationArn: String?
        /// The date and time when you created the S3 Access Grants instance.
        public let createdAt: Date?
        /// The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to Amazon Web Services IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.
        public let grantee: Grantee?
        /// The S3 path of the data to which you are granting access. It is the result of appending the Subprefix to the location scope.
        public let grantScope: String?
        /// The type of access granted to your S3 data, which can be set to one of the following values:    READ – Grant read-only access to the S3 data.    WRITE – Grant write-only access to the S3 data.    READWRITE – Grant both read and write access to the S3 data.
        public let permission: Permission?

        @inlinable
        public init(accessGrantArn: String? = nil, accessGrantId: String? = nil, accessGrantsLocationConfiguration: AccessGrantsLocationConfiguration? = nil, accessGrantsLocationId: String? = nil, applicationArn: String? = nil, createdAt: Date? = nil, grantee: Grantee? = nil, grantScope: String? = nil, permission: Permission? = nil) {
            self.accessGrantArn = accessGrantArn
            self.accessGrantId = accessGrantId
            self.accessGrantsLocationConfiguration = accessGrantsLocationConfiguration
            self.accessGrantsLocationId = accessGrantsLocationId
            self.applicationArn = applicationArn
            self.createdAt = createdAt
            self.grantee = grantee
            self.grantScope = grantScope
            self.permission = permission
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantArn = "AccessGrantArn"
            case accessGrantId = "AccessGrantId"
            case accessGrantsLocationConfiguration = "AccessGrantsLocationConfiguration"
            case accessGrantsLocationId = "AccessGrantsLocationId"
            case applicationArn = "ApplicationArn"
            case createdAt = "CreatedAt"
            case grantee = "Grantee"
            case grantScope = "GrantScope"
            case permission = "Permission"
        }
    }

    public struct ListAccessGrantsInstanceEntry: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the S3 Access Grants instance.
        public let accessGrantsInstanceArn: String?
        /// The ID of the S3 Access Grants instance. The ID is default. You can have one S3 Access Grants instance per Region per account.
        public let accessGrantsInstanceId: String?
        /// The date and time when you created the S3 Access Grants instance.
        public let createdAt: Date?
        /// If you associated your S3 Access Grants instance with an Amazon Web Services IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.
        public let identityCenterApplicationArn: String?
        /// If you associated your S3 Access Grants instance with an Amazon Web Services IAM Identity Center instance, this field returns the Amazon Resource Name (ARN) of the IAM Identity Center instance application; a subresource of the original Identity Center instance. S3 Access Grants creates this Identity Center application for the specific S3 Access Grants instance.
        public let identityCenterArn: String?
        /// The Amazon Resource Name (ARN) of the Amazon Web Services IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the ListInstances API operation to retrieve a list of your Identity Center instances and their ARNs.
        public let identityCenterInstanceArn: String?

        @inlinable
        public init(accessGrantsInstanceArn: String? = nil, accessGrantsInstanceId: String? = nil, createdAt: Date? = nil, identityCenterApplicationArn: String? = nil, identityCenterInstanceArn: String? = nil) {
            self.accessGrantsInstanceArn = accessGrantsInstanceArn
            self.accessGrantsInstanceId = accessGrantsInstanceId
            self.createdAt = createdAt
            self.identityCenterApplicationArn = identityCenterApplicationArn
            self.identityCenterArn = nil
            self.identityCenterInstanceArn = identityCenterInstanceArn
        }

        @available(*, deprecated, message: "Members identityCenterArn have been deprecated")
        @inlinable
        public init(accessGrantsInstanceArn: String? = nil, accessGrantsInstanceId: String? = nil, createdAt: Date? = nil, identityCenterApplicationArn: String? = nil, identityCenterArn: String? = nil, identityCenterInstanceArn: String? = nil) {
            self.accessGrantsInstanceArn = accessGrantsInstanceArn
            self.accessGrantsInstanceId = accessGrantsInstanceId
            self.createdAt = createdAt
            self.identityCenterApplicationArn = identityCenterApplicationArn
            self.identityCenterArn = identityCenterArn
            self.identityCenterInstanceArn = identityCenterInstanceArn
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantsInstanceArn = "AccessGrantsInstanceArn"
            case accessGrantsInstanceId = "AccessGrantsInstanceId"
            case createdAt = "CreatedAt"
            case identityCenterApplicationArn = "IdentityCenterApplicationArn"
            case identityCenterArn = "IdentityCenterArn"
            case identityCenterInstanceArn = "IdentityCenterInstanceArn"
        }
    }

    public struct ListAccessGrantsInstancesRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String
        /// The maximum number of access grants that you would like returned in the List Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
        public let maxResults: Int?
        /// A pagination token to request the next page of results. Pass this value into a subsequent List Access Grants Instances request in order to retrieve the next page of results.
        public let nextToken: String?

        @inlinable
        public init(accountId: String, maxResults: Int? = nil, nextToken: String? = nil) {
            self.accountId = accountId
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.maxResults, key: "maxResults")
            request.encodeQuery(self.nextToken, key: "nextToken")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 0)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListAccessGrantsInstancesResult: AWSDecodableShape {
        public struct _AccessGrantsInstancesListEncoding: ArrayCoderProperties { public static let member = "AccessGrantsInstance" }

        /// A container for a list of S3 Access Grants instances.
        @OptionalCustomCoding<ArrayCoder<_AccessGrantsInstancesListEncoding, ListAccessGrantsInstanceEntry>>
        public var accessGrantsInstancesList: [ListAccessGrantsInstanceEntry]?
        /// A pagination token to request the next page of results. Pass this value into a subsequent List Access Grants Instances request in order to retrieve the next page of results.
        public let nextToken: String?

        @inlinable
        public init(accessGrantsInstancesList: [ListAccessGrantsInstanceEntry]? = nil, nextToken: String? = nil) {
            self.accessGrantsInstancesList = accessGrantsInstancesList
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantsInstancesList = "AccessGrantsInstancesList"
            case nextToken = "NextToken"
        }
    }

    public struct ListAccessGrantsLocationsEntry: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the registered location.
        public let accessGrantsLocationArn: String?
        /// The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.
        public let accessGrantsLocationId: String?
        /// The date and time when you registered the location.
        public let createdAt: Date?
        /// The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.
        public let iamRoleArn: String?
        /// The S3 path to the location that you are registering. The location scope can be the default S3 location s3://, the S3 path to a bucket s3://, or the S3 path to a bucket and prefix s3:///. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the engineering/ prefix or object key names that start with the marketing/campaigns/ prefix.
        public let locationScope: String?

        @inlinable
        public init(accessGrantsLocationArn: String? = nil, accessGrantsLocationId: String? = nil, createdAt: Date? = nil, iamRoleArn: String? = nil, locationScope: String? = nil) {
            self.accessGrantsLocationArn = accessGrantsLocationArn
            self.accessGrantsLocationId = accessGrantsLocationId
            self.createdAt = createdAt
            self.iamRoleArn = iamRoleArn
            self.locationScope = locationScope
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantsLocationArn = "AccessGrantsLocationArn"
            case accessGrantsLocationId = "AccessGrantsLocationId"
            case createdAt = "CreatedAt"
            case iamRoleArn = "IAMRoleArn"
            case locationScope = "LocationScope"
        }
    }

    public struct ListAccessGrantsLocationsRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String
        /// The S3 path to the location that you are registering. The location scope can be the default S3 location s3://, the S3 path to a bucket s3://, or the S3 path to a bucket and prefix s3:///. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the engineering/ prefix or object key names that start with the marketing/campaigns/ prefix.
        public let locationScope: String?
        /// The maximum number of access grants that you would like returned in the List Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
        public let maxResults: Int?
        /// A pagination token to request the next page of results. Pass this value into a subsequent List Access Grants Locations request in order to retrieve the next page of results.
        public let nextToken: String?

        @inlinable
        public init(accountId: String, locationScope: String? = nil, maxResults: Int? = nil, nextToken: String? = nil) {
            self.accountId = accountId
            self.locationScope = locationScope
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.locationScope, key: "locationscope")
            request.encodeQuery(self.maxResults, key: "maxResults")
            request.encodeQuery(self.nextToken, key: "nextToken")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.locationScope, name: "locationScope", parent: name, max: 2000)
            try self.validate(self.locationScope, name: "locationScope", parent: name, min: 1)
            try self.validate(self.locationScope, name: "locationScope", parent: name, pattern: "^.+$")
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 0)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListAccessGrantsLocationsResult: AWSDecodableShape {
        public struct _AccessGrantsLocationsListEncoding: ArrayCoderProperties { public static let member = "AccessGrantsLocation" }

        /// A container for a list of registered locations in an S3 Access Grants instance.
        @OptionalCustomCoding<ArrayCoder<_AccessGrantsLocationsListEncoding, ListAccessGrantsLocationsEntry>>
        public var accessGrantsLocationsList: [ListAccessGrantsLocationsEntry]?
        /// A pagination token to request the next page of results. Pass this value into a subsequent List Access Grants Locations request in order to retrieve the next page of results.
        public let nextToken: String?

        @inlinable
        public init(accessGrantsLocationsList: [ListAccessGrantsLocationsEntry]? = nil, nextToken: String? = nil) {
            self.accessGrantsLocationsList = accessGrantsLocationsList
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantsLocationsList = "AccessGrantsLocationsList"
            case nextToken = "NextToken"
        }
    }

    public struct ListAccessGrantsRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String
        /// The Amazon Resource Name (ARN) of an Amazon Web Services IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.
        public let applicationArn: String?
        /// The unique identifer of the Grantee. If the grantee type is IAM, the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format a1b2c3d4-5678-90ab-cdef-EXAMPLE11111. You can obtain this UUID from your Amazon Web Services IAM Identity Center instance.
        public let granteeIdentifier: String?
        /// The type of the grantee to which access has been granted. It can be one of the following values:    IAM - An IAM user or role.    DIRECTORY_USER - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.    DIRECTORY_GROUP - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.
        public let granteeType: GranteeType?
        /// The S3 path of the data to which you are granting access. It is the result of appending the Subprefix to the location scope.
        public let grantScope: String?
        /// The maximum number of access grants that you would like returned in the List Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
        public let maxResults: Int?
        /// A pagination token to request the next page of results. Pass this value into a subsequent List Access Grants request in order to retrieve the next page of results.
        public let nextToken: String?
        /// The type of permission granted to your S3 data, which can be set to one of the following values:    READ – Grant read-only access to the S3 data.    WRITE – Grant write-only access to the S3 data.    READWRITE – Grant both read and write access to the S3 data.
        public let permission: Permission?

        @inlinable
        public init(accountId: String, applicationArn: String? = nil, granteeIdentifier: String? = nil, granteeType: GranteeType? = nil, grantScope: String? = nil, maxResults: Int? = nil, nextToken: String? = nil, permission: Permission? = nil) {
            self.accountId = accountId
            self.applicationArn = applicationArn
            self.granteeIdentifier = granteeIdentifier
            self.granteeType = granteeType
            self.grantScope = grantScope
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.permission = permission
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.applicationArn, key: "application_arn")
            request.encodeQuery(self.granteeIdentifier, key: "granteeidentifier")
            request.encodeQuery(self.granteeType, key: "granteetype")
            request.encodeQuery(self.grantScope, key: "grantscope")
            request.encodeQuery(self.maxResults, key: "maxResults")
            request.encodeQuery(self.nextToken, key: "nextToken")
            request.encodeQuery(self.permission, key: "permission")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.applicationArn, name: "applicationArn", parent: name, max: 1224)
            try self.validate(self.applicationArn, name: "applicationArn", parent: name, min: 10)
            try self.validate(self.applicationArn, name: "applicationArn", parent: name, pattern: "^arn:[^:]+:sso::\\d{12}:application/.*$")
            try self.validate(self.grantScope, name: "grantScope", parent: name, max: 2000)
            try self.validate(self.grantScope, name: "grantScope", parent: name, min: 1)
            try self.validate(self.grantScope, name: "grantScope", parent: name, pattern: "^.+$")
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 0)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListAccessGrantsResult: AWSDecodableShape {
        public struct _AccessGrantsListEncoding: ArrayCoderProperties { public static let member = "AccessGrant" }

        /// A container for a list of grants in an S3 Access Grants instance.
        @OptionalCustomCoding<ArrayCoder<_AccessGrantsListEncoding, ListAccessGrantEntry>>
        public var accessGrantsList: [ListAccessGrantEntry]?
        /// A pagination token to request the next page of results. Pass this value into a subsequent List Access Grants request in order to retrieve the next page of results.
        public let nextToken: String?

        @inlinable
        public init(accessGrantsList: [ListAccessGrantEntry]? = nil, nextToken: String? = nil) {
            self.accessGrantsList = accessGrantsList
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantsList = "AccessGrantsList"
            case nextToken = "NextToken"
        }
    }

    public struct ListAccessPointsForDirectoryBucketsRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID that owns the access points.
        public let accountId: String
        /// The name of the directory bucket associated with the access points you want to list.
        public let directoryBucket: String?
        /// The maximum number of access points that you would like returned in the ListAccessPointsForDirectoryBuckets response. If the directory bucket is associated with more than this number of access points, the results include the pagination token NextToken. Make another call using the NextToken to retrieve more results.
        public let maxResults: Int?
        ///  If NextToken is returned, there are more access points available than requested in the maxResults value. The value of NextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours.
        public let nextToken: String?

        @inlinable
        public init(accountId: String, directoryBucket: String? = nil, maxResults: Int? = nil, nextToken: String? = nil) {
            self.accountId = accountId
            self.directoryBucket = directoryBucket
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.directoryBucket, key: "directoryBucket")
            request.encodeQuery(self.maxResults, key: "maxResults")
            request.encodeQuery(self.nextToken, key: "nextToken")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.directoryBucket, name: "directoryBucket", parent: name, max: 255)
            try self.validate(self.directoryBucket, name: "directoryBucket", parent: name, min: 3)
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 0)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 1024)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListAccessPointsForDirectoryBucketsResult: AWSDecodableShape {
        public struct _AccessPointListEncoding: ArrayCoderProperties { public static let member = "AccessPoint" }

        /// Contains identification and configuration information for one or more access points associated with the directory bucket.
        @OptionalCustomCoding<ArrayCoder<_AccessPointListEncoding, AccessPoint>>
        public var accessPointList: [AccessPoint]?
        ///  If NextToken is returned, there are more access points available than requested in the maxResults value. The value of NextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours.
        public let nextToken: String?

        @inlinable
        public init(accessPointList: [AccessPoint]? = nil, nextToken: String? = nil) {
            self.accessPointList = accessPointList
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case accessPointList = "AccessPointList"
            case nextToken = "NextToken"
        }
    }

    public struct ListAccessPointsForObjectLambdaRequest: AWSEncodableShape {
        /// The account ID for the account that owns the specified Object Lambda Access Point.
        public let accountId: String
        /// The maximum number of access points that you want to include in the list. The response may contain fewer access points but will never contain more. If there are more than this number of access points, then the response will include a continuation token in the NextToken field that you can use to retrieve the next page of access points.
        public let maxResults: Int?
        /// If the list has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.
        public let nextToken: String?

        @inlinable
        public init(accountId: String, maxResults: Int? = nil, nextToken: String? = nil) {
            self.accountId = accountId
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.maxResults, key: "maxResults")
            request.encodeQuery(self.nextToken, key: "nextToken")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 0)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 1024)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListAccessPointsForObjectLambdaResult: AWSDecodableShape {
        public struct _ObjectLambdaAccessPointListEncoding: ArrayCoderProperties { public static let member = "ObjectLambdaAccessPoint" }

        /// If the list has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.
        public let nextToken: String?
        /// Returns list of Object Lambda Access Points.
        @OptionalCustomCoding<ArrayCoder<_ObjectLambdaAccessPointListEncoding, ObjectLambdaAccessPoint>>
        public var objectLambdaAccessPointList: [ObjectLambdaAccessPoint]?

        @inlinable
        public init(nextToken: String? = nil, objectLambdaAccessPointList: [ObjectLambdaAccessPoint]? = nil) {
            self.nextToken = nextToken
            self.objectLambdaAccessPointList = objectLambdaAccessPointList
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case objectLambdaAccessPointList = "ObjectLambdaAccessPointList"
        }
    }

    public struct ListAccessPointsRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID for the account that owns the specified access points.
        public let accountId: String
        /// The name of the bucket whose associated access points you want to list. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String?
        /// The unique identifier for the data source of the access point.
        public let dataSourceId: String?
        /// The type of the data source that the access point is attached to. Returns only access points attached to S3 buckets by default. To return all access points specify DataSourceType as ALL.
        public let dataSourceType: String?
        /// The maximum number of access points that you want to include in the list. If the specified bucket has more than this number of access points, then the response will include a continuation token in the NextToken field that you can use to retrieve the next page of access points.
        public let maxResults: Int?
        /// A continuation token. If a previous call to ListAccessPoints returned a continuation token in the NextToken field, then providing that value here causes Amazon S3 to retrieve the next page of results.
        public let nextToken: String?

        @inlinable
        public init(accountId: String, bucket: String? = nil, dataSourceId: String? = nil, dataSourceType: String? = nil, maxResults: Int? = nil, nextToken: String? = nil) {
            self.accountId = accountId
            self.bucket = bucket
            self.dataSourceId = dataSourceId
            self.dataSourceType = dataSourceType
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.bucket, key: "bucket")
            request.encodeQuery(self.dataSourceId, key: "dataSourceId")
            request.encodeQuery(self.dataSourceType, key: "dataSourceType")
            request.encodeQuery(self.maxResults, key: "maxResults")
            request.encodeQuery(self.nextToken, key: "nextToken")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
            try self.validate(self.dataSourceId, name: "dataSourceId", parent: name, max: 191)
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 0)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 1024)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListAccessPointsResult: AWSDecodableShape {
        public struct _AccessPointListEncoding: ArrayCoderProperties { public static let member = "AccessPoint" }

        /// Contains identification and configuration information for one or more access points associated with the specified bucket.
        @OptionalCustomCoding<ArrayCoder<_AccessPointListEncoding, AccessPoint>>
        public var accessPointList: [AccessPoint]?
        /// If the specified bucket has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.
        public let nextToken: String?

        @inlinable
        public init(accessPointList: [AccessPoint]? = nil, nextToken: String? = nil) {
            self.accessPointList = accessPointList
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case accessPointList = "AccessPointList"
            case nextToken = "NextToken"
        }
    }

    public struct ListCallerAccessGrantsEntry: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of an Amazon Web Services IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.
        public let applicationArn: String?
        /// The S3 path of the data to which you have been granted access.
        public let grantScope: String?
        /// The type of permission granted, which can be one of the following values:    READ - Grants read-only access to the S3 data.    WRITE - Grants write-only access to the S3 data.    READWRITE - Grants both read and write access to the S3 data.
        public let permission: Permission?

        @inlinable
        public init(applicationArn: String? = nil, grantScope: String? = nil, permission: Permission? = nil) {
            self.applicationArn = applicationArn
            self.grantScope = grantScope
            self.permission = permission
        }

        private enum CodingKeys: String, CodingKey {
            case applicationArn = "ApplicationArn"
            case grantScope = "GrantScope"
            case permission = "Permission"
        }
    }

    public struct ListCallerAccessGrantsRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String
        /// If this optional parameter is passed in the request, a filter is applied to the results. The results will include only the access grants for the caller's Identity Center application or for any other applications (ALL).
        public let allowedByApplication: Bool?
        /// The S3 path of the data that you would like to access. Must start with s3://. You can optionally pass only the beginning characters of a path, and S3 Access Grants will search for all applicable grants for the path fragment.
        public let grantScope: String?
        /// The maximum number of access grants that you would like returned in the List Caller Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
        public let maxResults: Int?
        /// A pagination token to request the next page of results. Pass this value into a subsequent List Caller Access Grants request in order to retrieve the next page of results.
        public let nextToken: String?

        @inlinable
        public init(accountId: String, allowedByApplication: Bool? = nil, grantScope: String? = nil, maxResults: Int? = nil, nextToken: String? = nil) {
            self.accountId = accountId
            self.allowedByApplication = allowedByApplication
            self.grantScope = grantScope
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.allowedByApplication, key: "allowedByApplication")
            request.encodeQuery(self.grantScope, key: "grantscope")
            request.encodeQuery(self.maxResults, key: "maxResults")
            request.encodeQuery(self.nextToken, key: "nextToken")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.grantScope, name: "grantScope", parent: name, max: 2000)
            try self.validate(self.grantScope, name: "grantScope", parent: name, min: 1)
            try self.validate(self.grantScope, name: "grantScope", parent: name, pattern: "^.+$")
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 0)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListCallerAccessGrantsResult: AWSDecodableShape {
        public struct _CallerAccessGrantsListEncoding: ArrayCoderProperties { public static let member = "AccessGrant" }

        /// A list of the caller's access grants that were created using S3 Access Grants and that grant the caller access to the S3 data of the Amazon Web Services account ID that was specified in the request.
        @OptionalCustomCoding<ArrayCoder<_CallerAccessGrantsListEncoding, ListCallerAccessGrantsEntry>>
        public var callerAccessGrantsList: [ListCallerAccessGrantsEntry]?
        /// A pagination token that you can use to request the next page of results. Pass this value into a subsequent List Caller Access Grants request in order to retrieve the next page of results.
        public let nextToken: String?

        @inlinable
        public init(callerAccessGrantsList: [ListCallerAccessGrantsEntry]? = nil, nextToken: String? = nil) {
            self.callerAccessGrantsList = callerAccessGrantsList
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case callerAccessGrantsList = "CallerAccessGrantsList"
            case nextToken = "NextToken"
        }
    }

    public struct ListJobsRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID associated with the S3 Batch Operations job.
        public let accountId: String
        /// The List Jobs request returns jobs that match the statuses listed in this element.
        public let jobStatuses: [JobStatus]?
        /// The maximum number of jobs that Amazon S3 will include in the List Jobs response. If there are more jobs than this number, the response will include a pagination token in the NextToken field to enable you to retrieve the next page of results.
        public let maxResults: Int?
        /// A pagination token to request the next page of results. Use the token that Amazon S3 returned in the NextToken element of the ListJobsResult from the previous List Jobs request.
        public let nextToken: String?

        @inlinable
        public init(accountId: String, jobStatuses: [JobStatus]? = nil, maxResults: Int? = nil, nextToken: String? = nil) {
            self.accountId = accountId
            self.jobStatuses = jobStatuses
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.jobStatuses, key: "jobStatuses")
            request.encodeQuery(self.maxResults, key: "maxResults")
            request.encodeQuery(self.nextToken, key: "nextToken")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 0)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 1024)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, pattern: "^[A-Za-z0-9\\+\\:\\/\\=\\?\\#-_]+$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListJobsResult: AWSDecodableShape {
        /// The list of current jobs and jobs that have ended within the last 30 days.
        @OptionalCustomCoding<StandardArrayCoder<JobListDescriptor>>
        public var jobs: [JobListDescriptor]?
        /// If the List Jobs request produced more than the maximum number of results, you can pass this value into a subsequent List Jobs request in order to retrieve the next page of results.
        public let nextToken: String?

        @inlinable
        public init(jobs: [JobListDescriptor]? = nil, nextToken: String? = nil) {
            self.jobs = jobs
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case jobs = "Jobs"
            case nextToken = "NextToken"
        }
    }

    public struct ListMultiRegionAccessPointsRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
        public let accountId: String
        /// Not currently used. Do not use this parameter.
        public let maxResults: Int?
        /// Not currently used. Do not use this parameter.
        public let nextToken: String?

        @inlinable
        public init(accountId: String, maxResults: Int? = nil, nextToken: String? = nil) {
            self.accountId = accountId
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.maxResults, key: "maxResults")
            request.encodeQuery(self.nextToken, key: "nextToken")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 0)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 1024)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListMultiRegionAccessPointsResult: AWSDecodableShape {
        public struct _AccessPointsEncoding: ArrayCoderProperties { public static let member = "AccessPoint" }

        /// The list of Multi-Region Access Points associated with the user.
        @OptionalCustomCoding<ArrayCoder<_AccessPointsEncoding, MultiRegionAccessPointReport>>
        public var accessPoints: [MultiRegionAccessPointReport]?
        /// If the specified bucket has more Multi-Region Access Points than can be returned in one call to this action, this field contains a continuation token. You can use this token tin subsequent calls to this action to retrieve additional Multi-Region Access Points.
        public let nextToken: String?

        @inlinable
        public init(accessPoints: [MultiRegionAccessPointReport]? = nil, nextToken: String? = nil) {
            self.accessPoints = accessPoints
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case accessPoints = "AccessPoints"
            case nextToken = "NextToken"
        }
    }

    public struct ListRegionalBucketsRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID of the Outposts bucket.
        public let accountId: String
        public let maxResults: Int?
        public let nextToken: String?
        /// The ID of the Outposts resource.  This ID is required by Amazon S3 on Outposts buckets.
        public let outpostId: String?

        @inlinable
        public init(accountId: String, maxResults: Int? = nil, nextToken: String? = nil, outpostId: String? = nil) {
            self.accountId = accountId
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.outpostId = outpostId
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.maxResults, key: "maxResults")
            request.encodeQuery(self.nextToken, key: "nextToken")
            request.encodeHeader(self.outpostId, key: "x-amz-outpost-id")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 0)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 1024)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
            try self.validate(self.outpostId, name: "outpostId", parent: name, max: 64)
            try self.validate(self.outpostId, name: "outpostId", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListRegionalBucketsResult: AWSDecodableShape {
        public struct _RegionalBucketListEncoding: ArrayCoderProperties { public static let member = "RegionalBucket" }

        ///  NextToken is sent when isTruncated is true, which means there are more buckets that can be listed. The next list requests to Amazon S3 can be continued with this NextToken. NextToken is obfuscated and is not a real key.
        public let nextToken: String?
        @OptionalCustomCoding<ArrayCoder<_RegionalBucketListEncoding, RegionalBucket>>
        public var regionalBucketList: [RegionalBucket]?

        @inlinable
        public init(nextToken: String? = nil, regionalBucketList: [RegionalBucket]? = nil) {
            self.nextToken = nextToken
            self.regionalBucketList = regionalBucketList
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case regionalBucketList = "RegionalBucketList"
        }
    }

    public struct ListStorageLensConfigurationEntry: AWSDecodableShape {
        /// A container for the S3 Storage Lens home Region. Your metrics data is stored and retained in your designated S3 Storage Lens home Region.
        public let homeRegion: String
        /// A container for the S3 Storage Lens configuration ID.
        public let id: String
        /// A container for whether the S3 Storage Lens configuration is enabled. This property is required.
        public let isEnabled: Bool?
        /// The ARN of the S3 Storage Lens configuration. This property is read-only.
        public let storageLensArn: String

        @inlinable
        public init(homeRegion: String, id: String, isEnabled: Bool? = nil, storageLensArn: String) {
            self.homeRegion = homeRegion
            self.id = id
            self.isEnabled = isEnabled
            self.storageLensArn = storageLensArn
        }

        private enum CodingKeys: String, CodingKey {
            case homeRegion = "HomeRegion"
            case id = "Id"
            case isEnabled = "IsEnabled"
            case storageLensArn = "StorageLensArn"
        }
    }

    public struct ListStorageLensConfigurationsRequest: AWSEncodableShape {
        /// The account ID of the requester.
        public let accountId: String
        /// A pagination token to request the next page of results.
        public let nextToken: String?

        @inlinable
        public init(accountId: String, nextToken: String? = nil) {
            self.accountId = accountId
            self.nextToken = nextToken
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.nextToken, key: "nextToken")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListStorageLensConfigurationsResult: AWSDecodableShape {
        /// If the request produced more than the maximum number of S3 Storage Lens configuration results, you can pass this value into a subsequent request to retrieve the next page of results.
        public let nextToken: String?
        /// A list of S3 Storage Lens configurations.
        public let storageLensConfigurationList: [ListStorageLensConfigurationEntry]?

        @inlinable
        public init(nextToken: String? = nil, storageLensConfigurationList: [ListStorageLensConfigurationEntry]? = nil) {
            self.nextToken = nextToken
            self.storageLensConfigurationList = storageLensConfigurationList
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case storageLensConfigurationList = "StorageLensConfiguration"
        }
    }

    public struct ListStorageLensGroupEntry: AWSDecodableShape {
        /// Contains the Amazon Web Services Region where the Storage Lens group was created.
        public let homeRegion: String
        /// Contains the name of the Storage Lens group that exists in the specified home Region.
        public let name: String
        /// Contains the Amazon Resource Name (ARN) of the Storage Lens group. This property is read-only.
        public let storageLensGroupArn: String

        @inlinable
        public init(homeRegion: String, name: String, storageLensGroupArn: String) {
            self.homeRegion = homeRegion
            self.name = name
            self.storageLensGroupArn = storageLensGroupArn
        }

        private enum CodingKeys: String, CodingKey {
            case homeRegion = "HomeRegion"
            case name = "Name"
            case storageLensGroupArn = "StorageLensGroupArn"
        }
    }

    public struct ListStorageLensGroupsRequest: AWSEncodableShape {
        ///  The Amazon Web Services account ID that owns the Storage Lens groups.
        public let accountId: String
        /// The token for the next set of results, or null if there are no more results.
        public let nextToken: String?

        @inlinable
        public init(accountId: String, nextToken: String? = nil) {
            self.accountId = accountId
            self.nextToken = nextToken
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodeQuery(self.nextToken, key: "nextToken")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListStorageLensGroupsResult: AWSDecodableShape {
        ///  If NextToken is returned, there are more Storage Lens groups results available. The value of NextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours.
        public let nextToken: String?
        /// The list of Storage Lens groups that exist in the specified home Region.
        public let storageLensGroupList: [ListStorageLensGroupEntry]?

        @inlinable
        public init(nextToken: String? = nil, storageLensGroupList: [ListStorageLensGroupEntry]? = nil) {
            self.nextToken = nextToken
            self.storageLensGroupList = storageLensGroupList
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case storageLensGroupList = "StorageLensGroup"
        }
    }

    public struct ListTagsForResourceRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID of the resource owner.
        public let accountId: String
        /// The Amazon Resource Name (ARN) of the S3 resource that you want to list tags for. The tagged resource can be a directory bucket, S3 Storage Lens group or S3 Access Grants instance, registered location, or grant.
        public let resourceArn: String

        @inlinable
        public init(accountId: String, resourceArn: String) {
            self.accountId = accountId
            self.resourceArn = resourceArn
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.resourceArn, key: "ResourceArn")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, max: 1011)
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, pattern: "^arn:[^:]+:s3(express)?:[^:]")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct ListTagsForResourceResult: AWSDecodableShape {
        public struct _TagsEncoding: ArrayCoderProperties { public static let member = "Tag" }

        /// The Amazon Web Services resource tags that are associated with the resource.
        @OptionalCustomCoding<ArrayCoder<_TagsEncoding, Tag>>
        public var tags: [Tag]?

        @inlinable
        public init(tags: [Tag]? = nil) {
            self.tags = tags
        }

        private enum CodingKeys: String, CodingKey {
            case tags = "Tags"
        }
    }

    public struct MatchObjectAge: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the maximum object age in days. Must be a positive whole number, greater than the minimum object age and less than or equal to 2,147,483,647.
        public let daysGreaterThan: Int?
        /// Specifies the minimum object age in days. The value must be a positive whole number, greater than 0 and less than or equal to 2,147,483,647.
        public let daysLessThan: Int?

        @inlinable
        public init(daysGreaterThan: Int? = nil, daysLessThan: Int? = nil) {
            self.daysGreaterThan = daysGreaterThan
            self.daysLessThan = daysLessThan
        }

        private enum CodingKeys: String, CodingKey {
            case daysGreaterThan = "DaysGreaterThan"
            case daysLessThan = "DaysLessThan"
        }
    }

    public struct MatchObjectSize: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the minimum object size in Bytes. The value must be a positive number, greater than 0 and less than 5 TB.
        public let bytesGreaterThan: Int64?
        /// Specifies the maximum object size in Bytes. The value must be a positive number, greater than the minimum object size and less than 5 TB.
        public let bytesLessThan: Int64?

        @inlinable
        public init(bytesGreaterThan: Int64? = nil, bytesLessThan: Int64? = nil) {
            self.bytesGreaterThan = bytesGreaterThan
            self.bytesLessThan = bytesLessThan
        }

        private enum CodingKeys: String, CodingKey {
            case bytesGreaterThan = "BytesGreaterThan"
            case bytesLessThan = "BytesLessThan"
        }
    }

    public struct Metrics: AWSEncodableShape & AWSDecodableShape {
        /// A container that specifies the time threshold for emitting the s3:Replication:OperationMissedThreshold event.   This is not supported by Amazon S3 on Outposts buckets.
        public let eventThreshold: ReplicationTimeValue?
        /// Specifies whether replication metrics are enabled.
        public let status: MetricsStatus

        @inlinable
        public init(eventThreshold: ReplicationTimeValue? = nil, status: MetricsStatus) {
            self.eventThreshold = eventThreshold
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case eventThreshold = "EventThreshold"
            case status = "Status"
        }
    }

    public struct MultiRegionAccessPointPolicyDocument: AWSDecodableShape {
        /// The last established policy for the Multi-Region Access Point.
        public let established: EstablishedMultiRegionAccessPointPolicy?
        /// The proposed policy for the Multi-Region Access Point.
        public let proposed: ProposedMultiRegionAccessPointPolicy?

        @inlinable
        public init(established: EstablishedMultiRegionAccessPointPolicy? = nil, proposed: ProposedMultiRegionAccessPointPolicy? = nil) {
            self.established = established
            self.proposed = proposed
        }

        private enum CodingKeys: String, CodingKey {
            case established = "Established"
            case proposed = "Proposed"
        }
    }

    public struct MultiRegionAccessPointRegionalResponse: AWSDecodableShape {
        /// The name of the Region in the Multi-Region Access Point.
        public let name: String?
        /// The current status of the Multi-Region Access Point in this Region.
        public let requestStatus: String?

        @inlinable
        public init(name: String? = nil, requestStatus: String? = nil) {
            self.name = name
            self.requestStatus = requestStatus
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case requestStatus = "RequestStatus"
        }
    }

    public struct MultiRegionAccessPointReport: AWSDecodableShape {
        public struct _RegionsEncoding: ArrayCoderProperties { public static let member = "Region" }

        /// The alias for the Multi-Region Access Point. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see Rules for naming Amazon S3 Multi-Region Access Points.
        public let alias: String?
        /// When the Multi-Region Access Point create request was received.
        public let createdAt: Date?
        /// The name of the Multi-Region Access Point.
        public let name: String?
        public let publicAccessBlock: PublicAccessBlockConfiguration?
        /// A collection of the Regions and buckets associated with the Multi-Region Access Point.
        @OptionalCustomCoding<ArrayCoder<_RegionsEncoding, RegionReport>>
        public var regions: [RegionReport]?
        /// The current status of the Multi-Region Access Point.  CREATING and DELETING are temporary states that exist while the request is propagating and being completed. If a Multi-Region Access Point has a status of PARTIALLY_CREATED, you can retry creation or send a request to delete the Multi-Region Access Point. If a Multi-Region Access Point has a status of PARTIALLY_DELETED, you can retry a delete request to finish the deletion of the Multi-Region Access Point.
        public let status: MultiRegionAccessPointStatus?

        @inlinable
        public init(alias: String? = nil, createdAt: Date? = nil, name: String? = nil, publicAccessBlock: PublicAccessBlockConfiguration? = nil, regions: [RegionReport]? = nil, status: MultiRegionAccessPointStatus? = nil) {
            self.alias = alias
            self.createdAt = createdAt
            self.name = name
            self.publicAccessBlock = publicAccessBlock
            self.regions = regions
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case alias = "Alias"
            case createdAt = "CreatedAt"
            case name = "Name"
            case publicAccessBlock = "PublicAccessBlock"
            case regions = "Regions"
            case status = "Status"
        }
    }

    public struct MultiRegionAccessPointRoute: AWSEncodableShape & AWSDecodableShape {
        /// The name of the Amazon S3 bucket for which you'll submit a routing configuration change. Either the Bucket or the Region value must be provided. If both are provided, the bucket must be in the specified Region.
        public let bucket: String?
        /// The Amazon Web Services Region to which you'll be submitting a routing configuration change. Either the Bucket or the Region value must be provided. If both are provided, the bucket must be in the specified Region.
        public let region: String?
        /// The traffic state for the specified bucket or Amazon Web Services Region.  A value of 0 indicates a passive state, which means that no new traffic will be routed to the Region.  A value of 100 indicates an active state, which means that traffic will be routed to the specified Region.  When the routing configuration for a Region is changed from active to passive, any in-progress operations (uploads, copies, deletes, and so on) to the formerly active Region will continue to run to until a final success or failure status is reached. If all Regions in the routing configuration are designated as passive, you'll receive an InvalidRequest error.
        public let trafficDialPercentage: Int

        @inlinable
        public init(bucket: String? = nil, region: String? = nil, trafficDialPercentage: Int) {
            self.bucket = bucket
            self.region = region
            self.trafficDialPercentage = trafficDialPercentage
        }

        public func validate(name: String) throws {
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
            try self.validate(self.region, name: "region", parent: name, max: 64)
            try self.validate(self.region, name: "region", parent: name, min: 1)
            try self.validate(self.trafficDialPercentage, name: "trafficDialPercentage", parent: name, max: 100)
            try self.validate(self.trafficDialPercentage, name: "trafficDialPercentage", parent: name, min: 0)
        }

        private enum CodingKeys: String, CodingKey {
            case bucket = "Bucket"
            case region = "Region"
            case trafficDialPercentage = "TrafficDialPercentage"
        }
    }

    public struct MultiRegionAccessPointsAsyncResponse: AWSDecodableShape {
        public struct _RegionsEncoding: ArrayCoderProperties { public static let member = "Region" }

        /// A collection of status information for the different Regions that a Multi-Region Access Point supports.
        @OptionalCustomCoding<ArrayCoder<_RegionsEncoding, MultiRegionAccessPointRegionalResponse>>
        public var regions: [MultiRegionAccessPointRegionalResponse]?

        @inlinable
        public init(regions: [MultiRegionAccessPointRegionalResponse]? = nil) {
            self.regions = regions
        }

        private enum CodingKeys: String, CodingKey {
            case regions = "Regions"
        }
    }

    public struct NoncurrentVersionExpiration: AWSEncodableShape & AWSDecodableShape {
        /// Specifies how many noncurrent versions S3 on Outposts will retain. If there are this many more recent noncurrent versions, S3 on Outposts will take the associated action. For more information about noncurrent versions, see Lifecycle configuration elements in the Amazon S3 User Guide.
        public let newerNoncurrentVersions: Int?
        /// Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see How Amazon S3 Calculates When an Object Became Noncurrent in the Amazon S3 User Guide.
        public let noncurrentDays: Int?

        @inlinable
        public init(newerNoncurrentVersions: Int? = nil, noncurrentDays: Int? = nil) {
            self.newerNoncurrentVersions = newerNoncurrentVersions
            self.noncurrentDays = noncurrentDays
        }

        private enum CodingKeys: String, CodingKey {
            case newerNoncurrentVersions = "NewerNoncurrentVersions"
            case noncurrentDays = "NoncurrentDays"
        }
    }

    public struct NoncurrentVersionTransition: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see  How Amazon S3 Calculates How Long an Object Has Been Noncurrent in the Amazon S3 User Guide.
        public let noncurrentDays: Int?
        /// The class of storage used to store the object.
        public let storageClass: TransitionStorageClass?

        @inlinable
        public init(noncurrentDays: Int? = nil, storageClass: TransitionStorageClass? = nil) {
            self.noncurrentDays = noncurrentDays
            self.storageClass = storageClass
        }

        private enum CodingKeys: String, CodingKey {
            case noncurrentDays = "NoncurrentDays"
            case storageClass = "StorageClass"
        }
    }

    public struct ObjectLambdaAccessPoint: AWSDecodableShape {
        /// The alias of the Object Lambda Access Point.
        public let alias: ObjectLambdaAccessPointAlias?
        /// The name of the Object Lambda Access Point.
        public let name: String
        /// Specifies the ARN for the Object Lambda Access Point.
        public let objectLambdaAccessPointArn: String?

        @inlinable
        public init(alias: ObjectLambdaAccessPointAlias? = nil, name: String, objectLambdaAccessPointArn: String? = nil) {
            self.alias = alias
            self.name = name
            self.objectLambdaAccessPointArn = objectLambdaAccessPointArn
        }

        private enum CodingKeys: String, CodingKey {
            case alias = "Alias"
            case name = "Name"
            case objectLambdaAccessPointArn = "ObjectLambdaAccessPointArn"
        }
    }

    public struct ObjectLambdaAccessPointAlias: AWSDecodableShape {
        /// The status of the Object Lambda Access Point alias. If the status is PROVISIONING, the Object Lambda Access Point is provisioning the alias and the alias is not ready for use yet. If the status is READY, the Object Lambda Access Point alias is successfully provisioned and ready for use.
        public let status: ObjectLambdaAccessPointAliasStatus?
        /// The alias value of the Object Lambda Access Point.
        public let value: String?

        @inlinable
        public init(status: ObjectLambdaAccessPointAliasStatus? = nil, value: String? = nil) {
            self.status = status
            self.value = value
        }

        private enum CodingKeys: String, CodingKey {
            case status = "Status"
            case value = "Value"
        }
    }

    public struct ObjectLambdaConfiguration: AWSEncodableShape & AWSDecodableShape {
        public struct _AllowedFeaturesEncoding: ArrayCoderProperties { public static let member = "AllowedFeature" }
        public struct _TransformationConfigurationsEncoding: ArrayCoderProperties { public static let member = "TransformationConfiguration" }

        /// A container for allowed features. Valid inputs are GetObject-Range, GetObject-PartNumber, HeadObject-Range, and HeadObject-PartNumber.
        @OptionalCustomCoding<ArrayCoder<_AllowedFeaturesEncoding, ObjectLambdaAllowedFeature>>
        public var allowedFeatures: [ObjectLambdaAllowedFeature]?
        /// A container for whether the CloudWatch metrics configuration is enabled.
        public let cloudWatchMetricsEnabled: Bool?
        /// Standard access point associated with the Object Lambda Access Point.
        public let supportingAccessPoint: String
        /// A container for transformation configurations for an Object Lambda Access Point.
        @CustomCoding<ArrayCoder<_TransformationConfigurationsEncoding, ObjectLambdaTransformationConfiguration>>
        public var transformationConfigurations: [ObjectLambdaTransformationConfiguration]

        @inlinable
        public init(allowedFeatures: [ObjectLambdaAllowedFeature]? = nil, cloudWatchMetricsEnabled: Bool? = nil, supportingAccessPoint: String, transformationConfigurations: [ObjectLambdaTransformationConfiguration]) {
            self.allowedFeatures = allowedFeatures
            self.cloudWatchMetricsEnabled = cloudWatchMetricsEnabled
            self.supportingAccessPoint = supportingAccessPoint
            self.transformationConfigurations = transformationConfigurations
        }

        public func validate(name: String) throws {
            try self.validate(self.supportingAccessPoint, name: "supportingAccessPoint", parent: name, max: 2048)
            try self.validate(self.supportingAccessPoint, name: "supportingAccessPoint", parent: name, min: 1)
            try self.validate(self.supportingAccessPoint, name: "supportingAccessPoint", parent: name, pattern: "^arn:[^:]+:s3:[^:]*:\\d{12}:accesspoint/")
            try self.transformationConfigurations.forEach {
                try $0.validate(name: "\(name).transformationConfigurations[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case allowedFeatures = "AllowedFeatures"
            case cloudWatchMetricsEnabled = "CloudWatchMetricsEnabled"
            case supportingAccessPoint = "SupportingAccessPoint"
            case transformationConfigurations = "TransformationConfigurations"
        }
    }

    public struct ObjectLambdaTransformationConfiguration: AWSEncodableShape & AWSDecodableShape {
        public struct _ActionsEncoding: ArrayCoderProperties { public static let member = "Action" }

        /// A container for the action of an Object Lambda Access Point configuration. Valid inputs are GetObject, ListObjects, HeadObject, and ListObjectsV2.
        @CustomCoding<ArrayCoder<_ActionsEncoding, ObjectLambdaTransformationConfigurationAction>>
        public var actions: [ObjectLambdaTransformationConfigurationAction]
        /// A container for the content transformation of an Object Lambda Access Point configuration.
        public let contentTransformation: ObjectLambdaContentTransformation

        @inlinable
        public init(actions: [ObjectLambdaTransformationConfigurationAction], contentTransformation: ObjectLambdaContentTransformation) {
            self.actions = actions
            self.contentTransformation = contentTransformation
        }

        public func validate(name: String) throws {
            try self.contentTransformation.validate(name: "\(name).contentTransformation")
        }

        private enum CodingKeys: String, CodingKey {
            case actions = "Actions"
            case contentTransformation = "ContentTransformation"
        }
    }

    public struct PolicyStatus: AWSDecodableShape {
        public let isPublic: Bool?

        @inlinable
        public init(isPublic: Bool? = nil) {
            self.isPublic = isPublic
        }

        private enum CodingKeys: String, CodingKey {
            case isPublic = "IsPublic"
        }
    }

    public struct PrefixLevel: AWSEncodableShape & AWSDecodableShape {
        /// A container for the prefix-level storage metrics for S3 Storage Lens.
        public let storageMetrics: PrefixLevelStorageMetrics

        @inlinable
        public init(storageMetrics: PrefixLevelStorageMetrics) {
            self.storageMetrics = storageMetrics
        }

        public func validate(name: String) throws {
            try self.storageMetrics.validate(name: "\(name).storageMetrics")
        }

        private enum CodingKeys: String, CodingKey {
            case storageMetrics = "StorageMetrics"
        }
    }

    public struct PrefixLevelStorageMetrics: AWSEncodableShape & AWSDecodableShape {
        /// A container for whether prefix-level storage metrics are enabled.
        public let isEnabled: Bool?
        public let selectionCriteria: SelectionCriteria?

        @inlinable
        public init(isEnabled: Bool? = nil, selectionCriteria: SelectionCriteria? = nil) {
            self.isEnabled = isEnabled
            self.selectionCriteria = selectionCriteria
        }

        public func validate(name: String) throws {
            try self.selectionCriteria?.validate(name: "\(name).selectionCriteria")
        }

        private enum CodingKeys: String, CodingKey {
            case isEnabled = "IsEnabled"
            case selectionCriteria = "SelectionCriteria"
        }
    }

    public struct ProposedMultiRegionAccessPointPolicy: AWSDecodableShape {
        /// The details of the proposed policy.
        public let policy: String?

        @inlinable
        public init(policy: String? = nil) {
            self.policy = policy
        }

        private enum CodingKeys: String, CodingKey {
            case policy = "Policy"
        }
    }

    public struct PublicAccessBlockConfiguration: AWSEncodableShape & AWSDecodableShape {
        /// Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:    PutBucketAcl and PutObjectAcl calls fail if the specified ACL is public.   PUT Object calls fail if the request includes a public ACL.   PUT Bucket calls fail if the request includes a public ACL.   Enabling this setting doesn't affect existing policies or ACLs. This property is not supported for Amazon S3 on Outposts.
        public let blockPublicAcls: Bool?
        /// Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.  Enabling this setting doesn't affect existing bucket policies. This property is not supported for Amazon S3 on Outposts.
        public let blockPublicPolicy: Bool?
        /// Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.  Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. This property is not supported for Amazon S3 on Outposts.
        public let ignorePublicAcls: Bool?
        /// Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to TRUE restricts access to buckets with public policies to only Amazon Web Services service principals and authorized users within this account. Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. This property is not supported for Amazon S3 on Outposts.
        public let restrictPublicBuckets: Bool?

        @inlinable
        public init(blockPublicAcls: Bool? = nil, blockPublicPolicy: Bool? = nil, ignorePublicAcls: Bool? = nil, restrictPublicBuckets: Bool? = nil) {
            self.blockPublicAcls = blockPublicAcls
            self.blockPublicPolicy = blockPublicPolicy
            self.ignorePublicAcls = ignorePublicAcls
            self.restrictPublicBuckets = restrictPublicBuckets
        }

        private enum CodingKeys: String, CodingKey {
            case blockPublicAcls = "BlockPublicAcls"
            case blockPublicPolicy = "BlockPublicPolicy"
            case ignorePublicAcls = "IgnorePublicAcls"
            case restrictPublicBuckets = "RestrictPublicBuckets"
        }
    }

    public struct PutAccessGrantsInstanceResourcePolicyRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String
        /// The Organization of the resource policy of the S3 Access Grants instance.
        public let organization: String?
        /// The resource policy of the S3 Access Grants instance that you are updating.
        public let policy: String

        @inlinable
        public init(accountId: String, organization: String? = nil, policy: String) {
            self.accountId = accountId
            self.organization = organization
            self.policy = policy
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encodeIfPresent(self.organization, forKey: .organization)
            try container.encode(self.policy, forKey: .policy)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.organization, name: "organization", parent: name, max: 34)
            try self.validate(self.organization, name: "organization", parent: name, min: 12)
            try self.validate(self.organization, name: "organization", parent: name, pattern: "^o-[a-z0-9]{10,32}$")
            try self.validate(self.policy, name: "policy", parent: name, max: 350000)
            try self.validate(self.policy, name: "policy", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case organization = "Organization"
            case policy = "Policy"
        }
    }

    public struct PutAccessGrantsInstanceResourcePolicyResult: AWSDecodableShape {
        /// The date and time when you created the S3 Access Grants instance resource policy.
        public let createdAt: Date?
        /// The Organization of the resource policy of the S3 Access Grants instance.
        public let organization: String?
        /// The updated resource policy of the S3 Access Grants instance.
        public let policy: String?

        @inlinable
        public init(createdAt: Date? = nil, organization: String? = nil, policy: String? = nil) {
            self.createdAt = createdAt
            self.organization = organization
            self.policy = policy
        }

        private enum CodingKeys: String, CodingKey {
            case createdAt = "CreatedAt"
            case organization = "Organization"
            case policy = "Policy"
        }
    }

    public struct PutAccessPointConfigurationForObjectLambdaRequest: AWSEncodableShape {
        /// The account ID for the account that owns the specified Object Lambda Access Point.
        public let accountId: String
        /// Object Lambda Access Point configuration document.
        public let configuration: ObjectLambdaConfiguration
        /// The name of the Object Lambda Access Point.
        public let name: String

        @inlinable
        public init(accountId: String, configuration: ObjectLambdaConfiguration, name: String) {
            self.accountId = accountId
            self.configuration = configuration
            self.name = name
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encode(self.configuration, forKey: .configuration)
            request.encodePath(self.name, key: "Name")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.configuration.validate(name: "\(name).configuration")
            try self.validate(self.name, name: "name", parent: name, max: 45)
            try self.validate(self.name, name: "name", parent: name, min: 3)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$")
        }

        private enum CodingKeys: String, CodingKey {
            case configuration = "Configuration"
        }
    }

    public struct PutAccessPointPolicyForObjectLambdaRequest: AWSEncodableShape {
        /// The account ID for the account that owns the specified Object Lambda Access Point.
        public let accountId: String
        /// The name of the Object Lambda Access Point.
        public let name: String
        /// Object Lambda Access Point resource policy document.
        public let policy: String

        @inlinable
        public init(accountId: String, name: String, policy: String) {
            self.accountId = accountId
            self.name = name
            self.policy = policy
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
            try container.encode(self.policy, forKey: .policy)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 45)
            try self.validate(self.name, name: "name", parent: name, min: 3)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$")
        }

        private enum CodingKeys: String, CodingKey {
            case policy = "Policy"
        }
    }

    public struct PutAccessPointPolicyRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID for owner of the bucket associated with the specified access point.
        public let accountId: String
        /// The name of the access point that you want to associate with the specified policy. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
        public let name: String
        /// The policy that you want to apply to the specified access point. For more information about access point policies, see Managing data access with Amazon S3 access points or Managing access to shared datasets in directory buckets with access points in the Amazon S3 User Guide.
        public let policy: String

        @inlinable
        public init(accountId: String, name: String, policy: String) {
            self.accountId = accountId
            self.name = name
            self.policy = policy
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
            try container.encode(self.policy, forKey: .policy)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 255)
            try self.validate(self.name, name: "name", parent: name, min: 3)
        }

        private enum CodingKeys: String, CodingKey {
            case policy = "Policy"
        }
    }

    public struct PutAccessPointScopeRequest: AWSEncodableShape {
        ///  The Amazon Web Services account ID that owns the access point with scope that you want to create or replace.
        public let accountId: String
        /// The name of the access point with the scope that you want to create or replace.
        public let name: String
        /// Object prefixes, API operations, or a combination of both.
        public let scope: Scope

        @inlinable
        public init(accountId: String, name: String, scope: Scope) {
            self.accountId = accountId
            self.name = name
            self.scope = scope
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
            try container.encode(self.scope, forKey: .scope)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 255)
            try self.validate(self.name, name: "name", parent: name, min: 3)
        }

        private enum CodingKeys: String, CodingKey {
            case scope = "Scope"
        }
    }

    public struct PutBucketLifecycleConfigurationRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        public static let _xmlRootNodeName: String? = "LifecycleConfiguration"
        /// The Amazon Web Services account ID of the Outposts bucket.
        public let accountId: String
        /// The name of the bucket for which to set the configuration.
        public let bucket: String
        /// Container for lifecycle rules. You can add as many as 1,000 rules.
        public let lifecycleConfiguration: LifecycleConfiguration?

        @inlinable
        public init(accountId: String, bucket: String, lifecycleConfiguration: LifecycleConfiguration? = nil) {
            self.accountId = accountId
            self.bucket = bucket
            self.lifecycleConfiguration = lifecycleConfiguration
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.singleValueContainer()
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
            try container.encode(self.lifecycleConfiguration)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
            try self.lifecycleConfiguration?.validate(name: "\(name).lifecycleConfiguration")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct PutBucketPolicyRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID of the Outposts bucket.
        public let accountId: String
        /// Specifies the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String
        /// Set this parameter to true to confirm that you want to remove your permissions to change this bucket policy in the future.  This is not supported by Amazon S3 on Outposts buckets.
        public let confirmRemoveSelfBucketAccess: Bool?
        /// The bucket policy as a JSON document.
        public let policy: String

        @inlinable
        public init(accountId: String, bucket: String, confirmRemoveSelfBucketAccess: Bool? = nil, policy: String) {
            self.accountId = accountId
            self.bucket = bucket
            self.confirmRemoveSelfBucketAccess = confirmRemoveSelfBucketAccess
            self.policy = policy
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
            request.encodeHeader(self.confirmRemoveSelfBucketAccess, key: "x-amz-confirm-remove-self-bucket-access")
            try container.encode(self.policy, forKey: .policy)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: String, CodingKey {
            case policy = "Policy"
        }
    }

    public struct PutBucketReplicationRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        public static let _xmlRootNodeName: String? = "ReplicationConfiguration"
        /// The Amazon Web Services account ID of the Outposts bucket.
        public let accountId: String
        /// Specifies the S3 on Outposts bucket to set the configuration for. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String
        public let replicationConfiguration: ReplicationConfiguration

        @inlinable
        public init(accountId: String, bucket: String, replicationConfiguration: ReplicationConfiguration) {
            self.accountId = accountId
            self.bucket = bucket
            self.replicationConfiguration = replicationConfiguration
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.singleValueContainer()
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
            try container.encode(self.replicationConfiguration)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
            try self.replicationConfiguration.validate(name: "\(name).replicationConfiguration")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct PutBucketTaggingRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        public static let _xmlRootNodeName: String? = "Tagging"
        /// The Amazon Web Services account ID of the Outposts bucket.
        public let accountId: String
        /// The Amazon Resource Name (ARN) of the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
        public let bucket: String
        public let tagging: Tagging

        @inlinable
        public init(accountId: String, bucket: String, tagging: Tagging) {
            self.accountId = accountId
            self.bucket = bucket
            self.tagging = tagging
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.singleValueContainer()
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
            try container.encode(self.tagging)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
            try self.tagging.validate(name: "\(name).tagging")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct PutBucketVersioningRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        public static let _xmlRootNodeName: String? = "VersioningConfiguration"
        /// The Amazon Web Services account ID of the S3 on Outposts bucket.
        public let accountId: String
        /// The S3 on Outposts bucket to set the versioning state for.
        public let bucket: String
        /// The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device.
        public let mfa: String?
        /// The root-level tag for the VersioningConfiguration parameters.
        public let versioningConfiguration: VersioningConfiguration

        @inlinable
        public init(accountId: String, bucket: String, mfa: String? = nil, versioningConfiguration: VersioningConfiguration) {
            self.accountId = accountId
            self.bucket = bucket
            self.mfa = mfa
            self.versioningConfiguration = versioningConfiguration
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.singleValueContainer()
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.bucket, key: "Bucket")
            request.encodeHeader(self.mfa, key: "x-amz-mfa")
            try container.encode(self.versioningConfiguration)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct PutJobTaggingRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID associated with the S3 Batch Operations job.
        public let accountId: String
        /// The ID for the S3 Batch Operations job whose tags you want to replace.
        public let jobId: String
        /// The set of tags to associate with the S3 Batch Operations job.
        @CustomCoding<StandardArrayCoder<S3Tag>>
        public var tags: [S3Tag]

        @inlinable
        public init(accountId: String, jobId: String, tags: [S3Tag]) {
            self.accountId = accountId
            self.jobId = jobId
            self.tags = tags
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.jobId, key: "JobId")
            try container.encode(self.tags, forKey: .tags)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.jobId, name: "jobId", parent: name, max: 36)
            try self.validate(self.jobId, name: "jobId", parent: name, min: 5)
            try self.validate(self.jobId, name: "jobId", parent: name, pattern: "^[a-zA-Z0-9\\-\\_]+$")
            try self.tags.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case tags = "Tags"
        }
    }

    public struct PutJobTaggingResult: AWSDecodableShape {
        public init() {}
    }

    public struct PutMultiRegionAccessPointPolicyInput: AWSEncodableShape & AWSDecodableShape {
        /// The name of the Multi-Region Access Point associated with the request.
        public let name: String
        /// The policy details for the PutMultiRegionAccessPoint request.
        public let policy: String

        @inlinable
        public init(name: String, policy: String) {
            self.name = name
            self.policy = policy
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, max: 50)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-z0-9][-a-z0-9]{1,48}[a-z0-9]$")
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case policy = "Policy"
        }
    }

    public struct PutMultiRegionAccessPointPolicyRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
        public let accountId: String
        /// An idempotency token used to identify the request and guarantee that requests are unique.
        public let clientToken: String
        /// A container element containing the details of the policy for the Multi-Region Access Point.
        public let details: PutMultiRegionAccessPointPolicyInput

        @inlinable
        public init(accountId: String, clientToken: String = PutMultiRegionAccessPointPolicyRequest.idempotencyToken(), details: PutMultiRegionAccessPointPolicyInput) {
            self.accountId = accountId
            self.clientToken = clientToken
            self.details = details
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encode(self.clientToken, forKey: .clientToken)
            try container.encode(self.details, forKey: .details)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.clientToken, name: "clientToken", parent: name, max: 64)
            try self.validate(self.clientToken, name: "clientToken", parent: name, pattern: "^\\S+$")
            try self.details.validate(name: "\(name).details")
        }

        private enum CodingKeys: String, CodingKey {
            case clientToken = "ClientToken"
            case details = "Details"
        }
    }

    public struct PutMultiRegionAccessPointPolicyResult: AWSDecodableShape {
        /// The request token associated with the request. You can use this token with DescribeMultiRegionAccessPointOperation to determine the status of asynchronous requests.
        public let requestTokenARN: String?

        @inlinable
        public init(requestTokenARN: String? = nil) {
            self.requestTokenARN = requestTokenARN
        }

        private enum CodingKeys: String, CodingKey {
            case requestTokenARN = "RequestTokenARN"
        }
    }

    public struct PutPublicAccessBlockRequest: AWSEncodableShape {
        public static let _xmlRootNodeName: String? = "PublicAccessBlockConfiguration"
        /// The account ID for the Amazon Web Services account whose PublicAccessBlock configuration you want to set.
        public let accountId: String
        /// The PublicAccessBlock configuration that you want to apply to the specified Amazon Web Services account.
        public let publicAccessBlockConfiguration: PublicAccessBlockConfiguration

        @inlinable
        public init(accountId: String, publicAccessBlockConfiguration: PublicAccessBlockConfiguration) {
            self.accountId = accountId
            self.publicAccessBlockConfiguration = publicAccessBlockConfiguration
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.singleValueContainer()
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encode(self.publicAccessBlockConfiguration)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct PutStorageLensConfigurationRequest: AWSEncodableShape {
        public struct _TagsEncoding: ArrayCoderProperties { public static let member = "Tag" }

        /// The account ID of the requester.
        public let accountId: String
        /// The ID of the S3 Storage Lens configuration.
        public let configId: String
        /// The S3 Storage Lens configuration.
        public let storageLensConfiguration: StorageLensConfiguration
        /// The tag set of the S3 Storage Lens configuration.  You can set up to a maximum of 50 tags.
        @OptionalCustomCoding<ArrayCoder<_TagsEncoding, StorageLensTag>>
        public var tags: [StorageLensTag]?

        @inlinable
        public init(accountId: String, configId: String, storageLensConfiguration: StorageLensConfiguration, tags: [StorageLensTag]? = nil) {
            self.accountId = accountId
            self.configId = configId
            self.storageLensConfiguration = storageLensConfiguration
            self.tags = tags
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.configId, key: "ConfigId")
            try container.encode(self.storageLensConfiguration, forKey: .storageLensConfiguration)
            try container.encodeIfPresent(self.tags, forKey: .tags)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.configId, name: "configId", parent: name, max: 64)
            try self.validate(self.configId, name: "configId", parent: name, min: 1)
            try self.validate(self.configId, name: "configId", parent: name, pattern: "^[a-zA-Z0-9\\-\\_\\.]+$")
            try self.storageLensConfiguration.validate(name: "\(name).storageLensConfiguration")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case storageLensConfiguration = "StorageLensConfiguration"
            case tags = "Tags"
        }
    }

    public struct PutStorageLensConfigurationTaggingRequest: AWSEncodableShape {
        public struct _TagsEncoding: ArrayCoderProperties { public static let member = "Tag" }

        /// The account ID of the requester.
        public let accountId: String
        /// The ID of the S3 Storage Lens configuration.
        public let configId: String
        /// The tag set of the S3 Storage Lens configuration.  You can set up to a maximum of 50 tags.
        @CustomCoding<ArrayCoder<_TagsEncoding, StorageLensTag>>
        public var tags: [StorageLensTag]

        @inlinable
        public init(accountId: String, configId: String, tags: [StorageLensTag]) {
            self.accountId = accountId
            self.configId = configId
            self.tags = tags
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.configId, key: "ConfigId")
            try container.encode(self.tags, forKey: .tags)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.configId, name: "configId", parent: name, max: 64)
            try self.validate(self.configId, name: "configId", parent: name, min: 1)
            try self.validate(self.configId, name: "configId", parent: name, pattern: "^[a-zA-Z0-9\\-\\_\\.]+$")
            try self.tags.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case tags = "Tags"
        }
    }

    public struct PutStorageLensConfigurationTaggingResult: AWSDecodableShape {
        public init() {}
    }

    public struct Region: AWSEncodableShape & AWSDecodableShape {
        /// The name of the associated bucket for the Region.
        public let bucket: String
        /// The Amazon Web Services account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point.
        public let bucketAccountId: String?

        @inlinable
        public init(bucket: String, bucketAccountId: String? = nil) {
            self.bucket = bucket
            self.bucketAccountId = bucketAccountId
        }

        public func validate(name: String) throws {
            try self.validate(self.bucket, name: "bucket", parent: name, max: 255)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
            try self.validate(self.bucketAccountId, name: "bucketAccountId", parent: name, max: 64)
            try self.validate(self.bucketAccountId, name: "bucketAccountId", parent: name, pattern: "^\\d{12}$")
        }

        private enum CodingKeys: String, CodingKey {
            case bucket = "Bucket"
            case bucketAccountId = "BucketAccountId"
        }
    }

    public struct RegionReport: AWSDecodableShape {
        /// The name of the bucket.
        public let bucket: String?
        /// The Amazon Web Services account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point.
        public let bucketAccountId: String?
        /// The name of the Region.
        public let region: String?

        @inlinable
        public init(bucket: String? = nil, bucketAccountId: String? = nil, region: String? = nil) {
            self.bucket = bucket
            self.bucketAccountId = bucketAccountId
            self.region = region
        }

        private enum CodingKeys: String, CodingKey {
            case bucket = "Bucket"
            case bucketAccountId = "BucketAccountId"
            case region = "Region"
        }
    }

    public struct RegionalBucket: AWSDecodableShape {
        public let bucket: String
        /// The Amazon Resource Name (ARN) for the regional bucket.
        public let bucketArn: String?
        /// The creation date of the regional bucket
        public let creationDate: Date
        /// The Outposts ID of the regional bucket.
        public let outpostId: String?
        public let publicAccessBlockEnabled: Bool

        @inlinable
        public init(bucket: String, bucketArn: String? = nil, creationDate: Date, outpostId: String? = nil, publicAccessBlockEnabled: Bool) {
            self.bucket = bucket
            self.bucketArn = bucketArn
            self.creationDate = creationDate
            self.outpostId = outpostId
            self.publicAccessBlockEnabled = publicAccessBlockEnabled
        }

        private enum CodingKeys: String, CodingKey {
            case bucket = "Bucket"
            case bucketArn = "BucketArn"
            case creationDate = "CreationDate"
            case outpostId = "OutpostId"
            case publicAccessBlockEnabled = "PublicAccessBlockEnabled"
        }
    }

    public struct ReplicaModifications: AWSEncodableShape & AWSDecodableShape {
        /// Specifies whether S3 on Outposts replicates modifications to object metadata on replicas.
        public let status: ReplicaModificationsStatus

        @inlinable
        public init(status: ReplicaModificationsStatus) {
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case status = "Status"
        }
    }

    public struct ReplicationConfiguration: AWSEncodableShape & AWSDecodableShape {
        public struct _RulesEncoding: ArrayCoderProperties { public static let member = "Rule" }

        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that S3 on Outposts assumes when replicating objects. For information about S3 replication on Outposts configuration, see Setting up replication in the Amazon S3 User Guide.
        public let role: String
        /// A container for one or more replication rules. A replication configuration must have at least one rule and can contain an array of 100 rules at the most.
        @CustomCoding<ArrayCoder<_RulesEncoding, ReplicationRule>>
        public var rules: [ReplicationRule]

        @inlinable
        public init(role: String, rules: [ReplicationRule]) {
            self.role = role
            self.rules = rules
        }

        public func validate(name: String) throws {
            try self.rules.forEach {
                try $0.validate(name: "\(name).rules[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case role = "Role"
            case rules = "Rules"
        }
    }

    public struct ReplicationRule: AWSEncodableShape & AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the access point for the source Outposts bucket that you want S3 on Outposts to replicate the objects from.
        public let bucket: String
        /// Specifies whether S3 on Outposts replicates delete markers. If you specify a Filter element in your replication configuration, you must also include a DeleteMarkerReplication element. If your Filter includes a Tag element, the DeleteMarkerReplication element's Status child element must be set to Disabled, because S3 on Outposts doesn't support replicating delete markers for tag-based rules. For more information about delete marker replication, see How delete operations affect replication in the Amazon S3 User Guide.
        public let deleteMarkerReplication: DeleteMarkerReplication?
        /// A container for information about the replication destination and its configurations.
        public let destination: Destination
        /// An optional configuration to replicate existing source bucket objects.   This is not supported by Amazon S3 on Outposts buckets.
        public let existingObjectReplication: ExistingObjectReplication?
        /// A filter that identifies the subset of objects to which the replication rule applies. A Filter element must specify exactly one Prefix, Tag, or And child element.
        public let filter: ReplicationRuleFilter?
        /// A unique identifier for the rule. The maximum value is 255 characters.
        public let id: String?
        /// An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in an Outposts bucket, specify an empty string.  When you're using XML requests, you must
        /// replace special characters (such as carriage returns) in object keys with their equivalent XML entity codes.
        /// For more information, see  XML-related object key constraints in the Amazon S3 User Guide.
        public let prefix: String?
        /// The priority indicates which rule has precedence whenever two or more replication rules conflict. S3 on Outposts attempts to replicate objects according to all replication rules. However, if there are two or more rules with the same destination Outposts bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.  For more information, see Creating replication rules on Outposts in the Amazon S3 User Guide.
        public let priority: Int?
        /// A container that describes additional filters for identifying the source Outposts objects that you want to replicate. You can choose to enable or disable the replication of these objects.
        public let sourceSelectionCriteria: SourceSelectionCriteria?
        /// Specifies whether the rule is enabled.
        public let status: ReplicationRuleStatus

        @inlinable
        public init(bucket: String, deleteMarkerReplication: DeleteMarkerReplication? = nil, destination: Destination, existingObjectReplication: ExistingObjectReplication? = nil, filter: ReplicationRuleFilter? = nil, id: String? = nil, priority: Int? = nil, sourceSelectionCriteria: SourceSelectionCriteria? = nil, status: ReplicationRuleStatus) {
            self.bucket = bucket
            self.deleteMarkerReplication = deleteMarkerReplication
            self.destination = destination
            self.existingObjectReplication = existingObjectReplication
            self.filter = filter
            self.id = id
            self.prefix = nil
            self.priority = priority
            self.sourceSelectionCriteria = sourceSelectionCriteria
            self.status = status
        }

        @available(*, deprecated, message: "Members prefix have been deprecated")
        @inlinable
        public init(bucket: String, deleteMarkerReplication: DeleteMarkerReplication? = nil, destination: Destination, existingObjectReplication: ExistingObjectReplication? = nil, filter: ReplicationRuleFilter? = nil, id: String? = nil, prefix: String? = nil, priority: Int? = nil, sourceSelectionCriteria: SourceSelectionCriteria? = nil, status: ReplicationRuleStatus) {
            self.bucket = bucket
            self.deleteMarkerReplication = deleteMarkerReplication
            self.destination = destination
            self.existingObjectReplication = existingObjectReplication
            self.filter = filter
            self.id = id
            self.prefix = prefix
            self.priority = priority
            self.sourceSelectionCriteria = sourceSelectionCriteria
            self.status = status
        }

        public func validate(name: String) throws {
            try self.destination.validate(name: "\(name).destination")
            try self.filter?.validate(name: "\(name).filter")
        }

        private enum CodingKeys: String, CodingKey {
            case bucket = "Bucket"
            case deleteMarkerReplication = "DeleteMarkerReplication"
            case destination = "Destination"
            case existingObjectReplication = "ExistingObjectReplication"
            case filter = "Filter"
            case id = "ID"
            case prefix = "Prefix"
            case priority = "Priority"
            case sourceSelectionCriteria = "SourceSelectionCriteria"
            case status = "Status"
        }
    }

    public struct ReplicationRuleAndOperator: AWSEncodableShape & AWSDecodableShape {
        /// An object key name prefix that identifies the subset of objects that the rule applies to.
        public let prefix: String?
        /// An array of tags that contain key and value pairs.
        @OptionalCustomCoding<StandardArrayCoder<S3Tag>>
        public var tags: [S3Tag]?

        @inlinable
        public init(prefix: String? = nil, tags: [S3Tag]? = nil) {
            self.prefix = prefix
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case prefix = "Prefix"
            case tags = "Tags"
        }
    }

    public struct ReplicationRuleFilter: AWSEncodableShape & AWSDecodableShape {
        /// A container for specifying rule filters. The filters determine the subset of objects that the rule applies to. This element is required only if you specify more than one filter. For example:    If you specify both a Prefix and a Tag filter, wrap these filters in an And element.   If you specify a filter based on multiple tags, wrap the Tag elements in an And element.
        public let and: ReplicationRuleAndOperator?
        /// An object key name prefix that identifies the subset of objects that the rule applies to.  When you're using XML requests, you must
        /// replace special characters (such as carriage returns) in object keys with their equivalent XML entity codes.
        /// For more information, see  XML-related object key constraints in the Amazon S3 User Guide.
        public let prefix: String?
        public let tag: S3Tag?

        @inlinable
        public init(and: ReplicationRuleAndOperator? = nil, prefix: String? = nil, tag: S3Tag? = nil) {
            self.and = and
            self.prefix = prefix
            self.tag = tag
        }

        public func validate(name: String) throws {
            try self.and?.validate(name: "\(name).and")
            try self.tag?.validate(name: "\(name).tag")
        }

        private enum CodingKeys: String, CodingKey {
            case and = "And"
            case prefix = "Prefix"
            case tag = "Tag"
        }
    }

    public struct ReplicationTime: AWSEncodableShape & AWSDecodableShape {
        /// Specifies whether S3 Replication Time Control (S3 RTC) is enabled.
        public let status: ReplicationTimeStatus
        /// A container that specifies the time by which replication should be complete for all objects and operations on objects.
        public let time: ReplicationTimeValue

        @inlinable
        public init(status: ReplicationTimeStatus, time: ReplicationTimeValue) {
            self.status = status
            self.time = time
        }

        private enum CodingKeys: String, CodingKey {
            case status = "Status"
            case time = "Time"
        }
    }

    public struct ReplicationTimeValue: AWSEncodableShape & AWSDecodableShape {
        /// Contains an integer that specifies the time period in minutes.  Valid value: 15
        public let minutes: Int?

        @inlinable
        public init(minutes: Int? = nil) {
            self.minutes = minutes
        }

        private enum CodingKeys: String, CodingKey {
            case minutes = "Minutes"
        }
    }

    public struct S3AccessControlList: AWSEncodableShape & AWSDecodableShape {
        @OptionalCustomCoding<StandardArrayCoder<S3Grant>>
        public var grants: [S3Grant]?
        public let owner: S3ObjectOwner

        @inlinable
        public init(grants: [S3Grant]? = nil, owner: S3ObjectOwner) {
            self.grants = grants
            self.owner = owner
        }

        public func validate(name: String) throws {
            try self.grants?.forEach {
                try $0.validate(name: "\(name).grants[]")
            }
            try self.owner.validate(name: "\(name).owner")
        }

        private enum CodingKeys: String, CodingKey {
            case grants = "Grants"
            case owner = "Owner"
        }
    }

    public struct S3AccessControlPolicy: AWSEncodableShape & AWSDecodableShape {
        public let accessControlList: S3AccessControlList?
        public let cannedAccessControlList: S3CannedAccessControlList?

        @inlinable
        public init(accessControlList: S3AccessControlList? = nil, cannedAccessControlList: S3CannedAccessControlList? = nil) {
            self.accessControlList = accessControlList
            self.cannedAccessControlList = cannedAccessControlList
        }

        public func validate(name: String) throws {
            try self.accessControlList?.validate(name: "\(name).accessControlList")
        }

        private enum CodingKeys: String, CodingKey {
            case accessControlList = "AccessControlList"
            case cannedAccessControlList = "CannedAccessControlList"
        }
    }

    public struct S3BucketDestination: AWSEncodableShape & AWSDecodableShape {
        /// The account ID of the owner of the S3 Storage Lens metrics export bucket.
        public let accountId: String
        /// The Amazon Resource Name (ARN) of the bucket. This property is read-only and follows the following format:  arn:aws:s3:us-east-1:example-account-id:bucket/your-destination-bucket-name
        public let arn: String
        /// The container for the type encryption of the metrics exports in this bucket.
        public let encryption: StorageLensDataExportEncryption?
        public let format: Format
        /// The schema version of the export file.
        public let outputSchemaVersion: OutputSchemaVersion
        /// The prefix of the destination bucket where the metrics export will be delivered.
        public let prefix: String?

        @inlinable
        public init(accountId: String, arn: String, encryption: StorageLensDataExportEncryption? = nil, format: Format, outputSchemaVersion: OutputSchemaVersion, prefix: String? = nil) {
            self.accountId = accountId
            self.arn = arn
            self.encryption = encryption
            self.format = format
            self.outputSchemaVersion = outputSchemaVersion
            self.prefix = prefix
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.arn, name: "arn", parent: name, max: 128)
            try self.validate(self.arn, name: "arn", parent: name, min: 1)
            try self.validate(self.arn, name: "arn", parent: name, pattern: "^arn:[^:]+:s3:")
        }

        private enum CodingKeys: String, CodingKey {
            case accountId = "AccountId"
            case arn = "Arn"
            case encryption = "Encryption"
            case format = "Format"
            case outputSchemaVersion = "OutputSchemaVersion"
            case prefix = "Prefix"
        }
    }

    public struct S3CopyObjectOperation: AWSEncodableShape & AWSDecodableShape {
        ///   This functionality is not supported by directory buckets.
        @OptionalCustomCoding<StandardArrayCoder<S3Grant>>
        public var accessControlGrants: [S3Grant]?
        /// Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Amazon Web Services KMS (SSE-KMS). Setting this header to true causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. Specifying this header with an Copy action doesn’t affect bucket-level settings for S3 Bucket Key.   Directory buckets - S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets
        /// to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through the Copy operation in Batch Operations. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.
        public let bucketKeyEnabled: Bool?
        ///   This functionality is not supported by directory buckets.
        public let cannedAccessControlList: S3CannedAccessControlList?
        /// Indicates the algorithm that you want Amazon S3 to use to create the checksum. For more information, see  Checking object integrity in the Amazon S3 User Guide.
        public let checksumAlgorithm: S3ChecksumAlgorithm?
        public let metadataDirective: S3MetadataDirective?
        public let modifiedSinceConstraint: Date?
        /// If you don't provide this parameter, Amazon S3 copies all the metadata from the original objects. If you specify an empty set, the new objects will have no tags. Otherwise, Amazon S3 assigns the supplied tags to the new objects.
        public let newObjectMetadata: S3ObjectMetadata?
        /// Specifies a list of tags to add to the destination objects after they are copied.  If NewObjectTagging is not specified, the tags of the source objects are copied to destination objects by default.   Directory buckets - Tags aren't supported by directory buckets.  If your source objects have tags and your destination bucket is a directory bucket, specify an empty tag set in the NewObjectTagging field  to prevent copying the source object tags to the directory bucket.
        @OptionalCustomCoding<StandardArrayCoder<S3Tag>>
        public var newObjectTagging: [S3Tag]?
        /// The legal hold status to be applied to all objects in the Batch Operations job.  This functionality is not supported by directory buckets.
        public let objectLockLegalHoldStatus: S3ObjectLockLegalHoldStatus?
        /// The retention mode to be applied to all objects in the Batch Operations job.  This functionality is not supported by directory buckets.
        public let objectLockMode: S3ObjectLockMode?
        /// The date when the applied object retention configuration expires on all objects in the Batch Operations job.  This functionality is not supported by directory buckets.
        public let objectLockRetainUntilDate: Date?
        /// If the destination bucket is configured as a website, specifies an optional metadata property for website redirects, x-amz-website-redirect-location. Allows webpage redirects if the object copy is accessed through a website endpoint.  This functionality is not supported by directory buckets.
        public let redirectLocation: String?
        ///   This functionality is not supported by directory buckets.
        public let requesterPays: Bool?
        /// Specifies the KMS key ID (Key ID, Key ARN, or Key Alias) to use for object encryption. If the KMS key doesn't exist in the same account that's issuing the command, you must use the full Key ARN not the Key ID.   Directory buckets - If you specify SSEAlgorithm with KMS, you must specify the  SSEAwsKmsKeyId parameter with the ID (Key ID or Key ARN) of the KMS  symmetric encryption customer managed key to use. Otherwise, you get an HTTP 400 Bad Request error. The key alias format of the KMS key isn't supported. To encrypt new object copies in a directory bucket with SSE-KMS, you must specify SSE-KMS as the directory bucket's default encryption configuration with a KMS key (specifically, a customer managed key).  The Amazon Web Services managed key (aws/s3) isn't supported. Your SSE-KMS configuration can only support 1 customer managed key per directory bucket for the lifetime of the bucket.
        /// After you specify a customer managed key for SSE-KMS as the bucket default encryption, you can't override the customer managed key for the bucket's SSE-KMS configuration.
        /// Then, when you specify server-side encryption settings for new object copies with SSE-KMS, you must make sure the encryption key is the same customer managed key that you specified for the directory bucket's default encryption configuration.
        public let sseAwsKmsKeyId: String?
        /// Specify the storage class for the destination objects in a Copy operation.   Directory buckets  - This functionality is not supported by directory buckets.
        public let storageClass: S3StorageClass?
        /// Specifies the folder prefix that you want the objects to be copied into. For example, to copy objects into a folder named Folder1 in the destination bucket, set the TargetKeyPrefix property to Folder1.
        public let targetKeyPrefix: String?
        /// Specifies the destination bucket Amazon Resource Name (ARN) for the batch copy operation.    General purpose buckets - For example, to copy objects to a general purpose bucket named destinationBucket, set the TargetResource property to arn:aws:s3:::destinationBucket.    Directory buckets - For example, to copy objects to a directory bucket named destinationBucket in the Availability Zone identified by the AZ ID usw2-az1, set the TargetResource property to arn:aws:s3express:region:account_id:/bucket/destination_bucket_base_name--usw2-az1--x-s3. A directory bucket as a destination bucket can be in Availability Zone or Local Zone.   Copying objects across different Amazon Web Services Regions isn't supported when the source or destination bucket is in Amazon Web Services Local Zones. The source and destination buckets must have the same parent Amazon Web Services Region. Otherwise,  you get an HTTP 400 Bad Request error with the error code InvalidRequest.
        public let targetResource: String?
        public let unModifiedSinceConstraint: Date?

        @inlinable
        public init(accessControlGrants: [S3Grant]? = nil, bucketKeyEnabled: Bool? = nil, cannedAccessControlList: S3CannedAccessControlList? = nil, checksumAlgorithm: S3ChecksumAlgorithm? = nil, metadataDirective: S3MetadataDirective? = nil, modifiedSinceConstraint: Date? = nil, newObjectMetadata: S3ObjectMetadata? = nil, newObjectTagging: [S3Tag]? = nil, objectLockLegalHoldStatus: S3ObjectLockLegalHoldStatus? = nil, objectLockMode: S3ObjectLockMode? = nil, objectLockRetainUntilDate: Date? = nil, redirectLocation: String? = nil, requesterPays: Bool? = nil, sseAwsKmsKeyId: String? = nil, storageClass: S3StorageClass? = nil, targetKeyPrefix: String? = nil, targetResource: String? = nil, unModifiedSinceConstraint: Date? = nil) {
            self.accessControlGrants = accessControlGrants
            self.bucketKeyEnabled = bucketKeyEnabled
            self.cannedAccessControlList = cannedAccessControlList
            self.checksumAlgorithm = checksumAlgorithm
            self.metadataDirective = metadataDirective
            self.modifiedSinceConstraint = modifiedSinceConstraint
            self.newObjectMetadata = newObjectMetadata
            self.newObjectTagging = newObjectTagging
            self.objectLockLegalHoldStatus = objectLockLegalHoldStatus
            self.objectLockMode = objectLockMode
            self.objectLockRetainUntilDate = objectLockRetainUntilDate
            self.redirectLocation = redirectLocation
            self.requesterPays = requesterPays
            self.sseAwsKmsKeyId = sseAwsKmsKeyId
            self.storageClass = storageClass
            self.targetKeyPrefix = targetKeyPrefix
            self.targetResource = targetResource
            self.unModifiedSinceConstraint = unModifiedSinceConstraint
        }

        public func validate(name: String) throws {
            try self.accessControlGrants?.forEach {
                try $0.validate(name: "\(name).accessControlGrants[]")
            }
            try self.newObjectMetadata?.validate(name: "\(name).newObjectMetadata")
            try self.newObjectTagging?.forEach {
                try $0.validate(name: "\(name).newObjectTagging[]")
            }
            try self.validate(self.redirectLocation, name: "redirectLocation", parent: name, max: 2048)
            try self.validate(self.redirectLocation, name: "redirectLocation", parent: name, min: 1)
            try self.validate(self.sseAwsKmsKeyId, name: "sseAwsKmsKeyId", parent: name, max: 2000)
            try self.validate(self.sseAwsKmsKeyId, name: "sseAwsKmsKeyId", parent: name, min: 1)
            try self.validate(self.targetKeyPrefix, name: "targetKeyPrefix", parent: name, max: 1024)
            try self.validate(self.targetKeyPrefix, name: "targetKeyPrefix", parent: name, min: 1)
            try self.validate(self.targetResource, name: "targetResource", parent: name, max: 128)
            try self.validate(self.targetResource, name: "targetResource", parent: name, min: 1)
            try self.validate(self.targetResource, name: "targetResource", parent: name, pattern: "^arn:[^:]+:(s3|s3express):")
        }

        private enum CodingKeys: String, CodingKey {
            case accessControlGrants = "AccessControlGrants"
            case bucketKeyEnabled = "BucketKeyEnabled"
            case cannedAccessControlList = "CannedAccessControlList"
            case checksumAlgorithm = "ChecksumAlgorithm"
            case metadataDirective = "MetadataDirective"
            case modifiedSinceConstraint = "ModifiedSinceConstraint"
            case newObjectMetadata = "NewObjectMetadata"
            case newObjectTagging = "NewObjectTagging"
            case objectLockLegalHoldStatus = "ObjectLockLegalHoldStatus"
            case objectLockMode = "ObjectLockMode"
            case objectLockRetainUntilDate = "ObjectLockRetainUntilDate"
            case redirectLocation = "RedirectLocation"
            case requesterPays = "RequesterPays"
            case sseAwsKmsKeyId = "SSEAwsKmsKeyId"
            case storageClass = "StorageClass"
            case targetKeyPrefix = "TargetKeyPrefix"
            case targetResource = "TargetResource"
            case unModifiedSinceConstraint = "UnModifiedSinceConstraint"
        }
    }

    public struct S3DeleteObjectTaggingOperation: AWSEncodableShape & AWSDecodableShape {
        public init() {}
    }

    public struct S3GeneratedManifestDescriptor: AWSDecodableShape {
        /// The format of the generated manifest.
        public let format: GeneratedManifestFormat?
        public let location: JobManifestLocation?

        @inlinable
        public init(format: GeneratedManifestFormat? = nil, location: JobManifestLocation? = nil) {
            self.format = format
            self.location = location
        }

        private enum CodingKeys: String, CodingKey {
            case format = "Format"
            case location = "Location"
        }
    }

    public struct S3Grant: AWSEncodableShape & AWSDecodableShape {
        public let grantee: S3Grantee?
        public let permission: S3Permission?

        @inlinable
        public init(grantee: S3Grantee? = nil, permission: S3Permission? = nil) {
            self.grantee = grantee
            self.permission = permission
        }

        public func validate(name: String) throws {
            try self.grantee?.validate(name: "\(name).grantee")
        }

        private enum CodingKeys: String, CodingKey {
            case grantee = "Grantee"
            case permission = "Permission"
        }
    }

    public struct S3Grantee: AWSEncodableShape & AWSDecodableShape {
        public let displayName: String?
        public let identifier: String?
        public let typeIdentifier: S3GranteeTypeIdentifier?

        @inlinable
        public init(displayName: String? = nil, identifier: String? = nil, typeIdentifier: S3GranteeTypeIdentifier? = nil) {
            self.displayName = displayName
            self.identifier = identifier
            self.typeIdentifier = typeIdentifier
        }

        public func validate(name: String) throws {
            try self.validate(self.displayName, name: "displayName", parent: name, max: 1024)
            try self.validate(self.displayName, name: "displayName", parent: name, min: 1)
            try self.validate(self.identifier, name: "identifier", parent: name, max: 1024)
            try self.validate(self.identifier, name: "identifier", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case displayName = "DisplayName"
            case identifier = "Identifier"
            case typeIdentifier = "TypeIdentifier"
        }
    }

    public struct S3InitiateRestoreObjectOperation: AWSEncodableShape & AWSDecodableShape {
        /// This argument specifies how long the S3 Glacier or S3 Glacier Deep Archive object remains available in Amazon S3. S3 Initiate Restore Object jobs that target S3 Glacier and S3 Glacier Deep Archive objects require ExpirationInDays set to 1 or greater. Conversely, do not set ExpirationInDays when creating S3 Initiate Restore Object jobs that target S3 Intelligent-Tiering Archive Access and Deep Archive Access tier objects. Objects in S3 Intelligent-Tiering archive access tiers are not subject to restore expiry, so specifying ExpirationInDays results in restore request failure. S3 Batch Operations jobs can operate either on S3 Glacier and S3 Glacier Deep Archive storage class objects or on S3 Intelligent-Tiering Archive Access and Deep Archive Access storage tier objects, but not both types in the same job. If you need to restore objects of both types you must create separate Batch Operations jobs.
        public let expirationInDays: Int?
        /// S3 Batch Operations supports STANDARD and BULK retrieval tiers, but not the EXPEDITED retrieval tier.
        public let glacierJobTier: S3GlacierJobTier?

        @inlinable
        public init(expirationInDays: Int? = nil, glacierJobTier: S3GlacierJobTier? = nil) {
            self.expirationInDays = expirationInDays
            self.glacierJobTier = glacierJobTier
        }

        public func validate(name: String) throws {
            try self.validate(self.expirationInDays, name: "expirationInDays", parent: name, min: 0)
        }

        private enum CodingKeys: String, CodingKey {
            case expirationInDays = "ExpirationInDays"
            case glacierJobTier = "GlacierJobTier"
        }
    }

    public struct S3JobManifestGenerator: AWSEncodableShape & AWSDecodableShape {
        /// Determines whether or not to write the job's generated manifest to a bucket.
        public let enableManifestOutput: Bool
        /// The Amazon Web Services account ID that owns the bucket the generated manifest is written to. If provided the generated manifest bucket's owner Amazon Web Services account ID must match this value, else the job fails.
        public let expectedBucketOwner: String?
        /// Specifies rules the S3JobManifestGenerator should use to decide whether an object in the source bucket should or should not be included in the generated job manifest.
        public let filter: JobManifestGeneratorFilter?
        /// Specifies the location the generated manifest will be written to. Manifests can't be written to directory buckets. For more information, see Directory buckets.
        public let manifestOutputLocation: S3ManifestOutputLocation?
        /// The ARN of the source bucket used by the ManifestGenerator.   Directory buckets - Directory buckets aren't supported  as the source buckets used by S3JobManifestGenerator to generate the job manifest.
        public let sourceBucket: String

        @inlinable
        public init(enableManifestOutput: Bool, expectedBucketOwner: String? = nil, filter: JobManifestGeneratorFilter? = nil, manifestOutputLocation: S3ManifestOutputLocation? = nil, sourceBucket: String) {
            self.enableManifestOutput = enableManifestOutput
            self.expectedBucketOwner = expectedBucketOwner
            self.filter = filter
            self.manifestOutputLocation = manifestOutputLocation
            self.sourceBucket = sourceBucket
        }

        public func validate(name: String) throws {
            try self.validate(self.expectedBucketOwner, name: "expectedBucketOwner", parent: name, max: 64)
            try self.validate(self.expectedBucketOwner, name: "expectedBucketOwner", parent: name, pattern: "^\\d{12}$")
            try self.filter?.validate(name: "\(name).filter")
            try self.manifestOutputLocation?.validate(name: "\(name).manifestOutputLocation")
            try self.validate(self.sourceBucket, name: "sourceBucket", parent: name, max: 128)
            try self.validate(self.sourceBucket, name: "sourceBucket", parent: name, min: 1)
            try self.validate(self.sourceBucket, name: "sourceBucket", parent: name, pattern: "^arn:[^:]+:s3:")
        }

        private enum CodingKeys: String, CodingKey {
            case enableManifestOutput = "EnableManifestOutput"
            case expectedBucketOwner = "ExpectedBucketOwner"
            case filter = "Filter"
            case manifestOutputLocation = "ManifestOutputLocation"
            case sourceBucket = "SourceBucket"
        }
    }

    public struct S3ManifestOutputLocation: AWSEncodableShape & AWSDecodableShape {
        /// The bucket ARN the generated manifest should be written to.   Directory buckets - Directory buckets aren't supported  as the buckets to store the generated manifest.
        public let bucket: String
        /// The Account ID that owns the bucket the generated manifest is written to.
        public let expectedManifestBucketOwner: String?
        /// Specifies what encryption should be used when the generated manifest objects are written.
        public let manifestEncryption: GeneratedManifestEncryption?
        /// The format of the generated manifest.
        public let manifestFormat: GeneratedManifestFormat
        /// Prefix identifying one or more objects to which the manifest applies.
        public let manifestPrefix: String?

        @inlinable
        public init(bucket: String, expectedManifestBucketOwner: String? = nil, manifestEncryption: GeneratedManifestEncryption? = nil, manifestFormat: GeneratedManifestFormat, manifestPrefix: String? = nil) {
            self.bucket = bucket
            self.expectedManifestBucketOwner = expectedManifestBucketOwner
            self.manifestEncryption = manifestEncryption
            self.manifestFormat = manifestFormat
            self.manifestPrefix = manifestPrefix
        }

        public func validate(name: String) throws {
            try self.validate(self.bucket, name: "bucket", parent: name, max: 128)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 1)
            try self.validate(self.bucket, name: "bucket", parent: name, pattern: "^arn:[^:]+:s3:")
            try self.validate(self.expectedManifestBucketOwner, name: "expectedManifestBucketOwner", parent: name, max: 64)
            try self.validate(self.expectedManifestBucketOwner, name: "expectedManifestBucketOwner", parent: name, pattern: "^\\d{12}$")
            try self.manifestEncryption?.validate(name: "\(name).manifestEncryption")
            try self.validate(self.manifestPrefix, name: "manifestPrefix", parent: name, max: 512)
            try self.validate(self.manifestPrefix, name: "manifestPrefix", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case bucket = "Bucket"
            case expectedManifestBucketOwner = "ExpectedManifestBucketOwner"
            case manifestEncryption = "ManifestEncryption"
            case manifestFormat = "ManifestFormat"
            case manifestPrefix = "ManifestPrefix"
        }
    }

    public struct S3ObjectLockLegalHold: AWSEncodableShape & AWSDecodableShape {
        /// The Object Lock legal hold status to be applied to all objects in the Batch Operations job.
        public let status: S3ObjectLockLegalHoldStatus

        @inlinable
        public init(status: S3ObjectLockLegalHoldStatus) {
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case status = "Status"
        }
    }

    public struct S3ObjectMetadata: AWSEncodableShape & AWSDecodableShape {
        public let cacheControl: String?
        public let contentDisposition: String?
        public let contentEncoding: String?
        public let contentLanguage: String?
        ///  This member has been deprecated.
        public let contentLength: Int64?
        ///  This member has been deprecated.
        public let contentMD5: String?
        public let contentType: String?
        public let httpExpiresDate: Date?
        ///  This member has been deprecated.
        public let requesterCharged: Bool?
        /// The server-side encryption algorithm used when storing objects in Amazon S3.  Directory buckets  - For directory buckets, there are only two supported options for server-side encryption: server-side encryption with Amazon S3 managed keys (SSE-S3) (AES256) and server-side encryption with KMS keys (SSE-KMS) (KMS). For more information, see Protecting data with server-side encryption in the Amazon S3 User Guide. For the Copy operation in Batch Operations, see S3CopyObjectOperation.
        public let sseAlgorithm: S3SSEAlgorithm?
        @OptionalCustomCoding<StandardDictionaryCoder<String, String>>
        public var userMetadata: [String: String]?

        @inlinable
        public init(cacheControl: String? = nil, contentDisposition: String? = nil, contentEncoding: String? = nil, contentLanguage: String? = nil, contentLength: Int64? = nil, contentMD5: String? = nil, contentType: String? = nil, httpExpiresDate: Date? = nil, requesterCharged: Bool? = nil, sseAlgorithm: S3SSEAlgorithm? = nil, userMetadata: [String: String]? = nil) {
            self.cacheControl = cacheControl
            self.contentDisposition = contentDisposition
            self.contentEncoding = contentEncoding
            self.contentLanguage = contentLanguage
            self.contentLength = contentLength
            self.contentMD5 = contentMD5
            self.contentType = contentType
            self.httpExpiresDate = httpExpiresDate
            self.requesterCharged = requesterCharged
            self.sseAlgorithm = sseAlgorithm
            self.userMetadata = userMetadata
        }

        public func validate(name: String) throws {
            try self.validate(self.cacheControl, name: "cacheControl", parent: name, max: 1024)
            try self.validate(self.cacheControl, name: "cacheControl", parent: name, min: 1)
            try self.validate(self.contentDisposition, name: "contentDisposition", parent: name, max: 1024)
            try self.validate(self.contentDisposition, name: "contentDisposition", parent: name, min: 1)
            try self.validate(self.contentEncoding, name: "contentEncoding", parent: name, max: 1024)
            try self.validate(self.contentEncoding, name: "contentEncoding", parent: name, min: 1)
            try self.validate(self.contentLanguage, name: "contentLanguage", parent: name, max: 1024)
            try self.validate(self.contentLanguage, name: "contentLanguage", parent: name, min: 1)
            try self.validate(self.contentLength, name: "contentLength", parent: name, min: 0)
            try self.validate(self.contentMD5, name: "contentMD5", parent: name, max: 1024)
            try self.validate(self.contentMD5, name: "contentMD5", parent: name, min: 1)
            try self.validate(self.contentType, name: "contentType", parent: name, max: 1024)
            try self.validate(self.contentType, name: "contentType", parent: name, min: 1)
            try self.userMetadata?.forEach {
                try validate($0.key, name: "userMetadata.key", parent: name, max: 1024)
                try validate($0.key, name: "userMetadata.key", parent: name, min: 1)
                try validate($0.value, name: "userMetadata[\"\($0.key)\"]", parent: name, max: 1024)
            }
            try self.validate(self.userMetadata, name: "userMetadata", parent: name, max: 8192)
        }

        private enum CodingKeys: String, CodingKey {
            case cacheControl = "CacheControl"
            case contentDisposition = "ContentDisposition"
            case contentEncoding = "ContentEncoding"
            case contentLanguage = "ContentLanguage"
            case contentLength = "ContentLength"
            case contentMD5 = "ContentMD5"
            case contentType = "ContentType"
            case httpExpiresDate = "HttpExpiresDate"
            case requesterCharged = "RequesterCharged"
            case sseAlgorithm = "SSEAlgorithm"
            case userMetadata = "UserMetadata"
        }
    }

    public struct S3ObjectOwner: AWSEncodableShape & AWSDecodableShape {
        public let displayName: String?
        public let id: String?

        @inlinable
        public init(displayName: String? = nil, id: String? = nil) {
            self.displayName = displayName
            self.id = id
        }

        public func validate(name: String) throws {
            try self.validate(self.displayName, name: "displayName", parent: name, max: 1024)
            try self.validate(self.displayName, name: "displayName", parent: name, min: 1)
            try self.validate(self.id, name: "id", parent: name, max: 1024)
            try self.validate(self.id, name: "id", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case displayName = "DisplayName"
            case id = "ID"
        }
    }

    public struct S3ReplicateObjectOperation: AWSEncodableShape & AWSDecodableShape {
        public init() {}
    }

    public struct S3Retention: AWSEncodableShape & AWSDecodableShape {
        /// The Object Lock retention mode to be applied to all objects in the Batch Operations job.
        public let mode: S3ObjectLockRetentionMode?
        /// The date when the applied Object Lock retention will expire on all objects set by the Batch Operations job.
        public let retainUntilDate: Date?

        @inlinable
        public init(mode: S3ObjectLockRetentionMode? = nil, retainUntilDate: Date? = nil) {
            self.mode = mode
            self.retainUntilDate = retainUntilDate
        }

        private enum CodingKeys: String, CodingKey {
            case mode = "Mode"
            case retainUntilDate = "RetainUntilDate"
        }
    }

    public struct S3SetObjectAclOperation: AWSEncodableShape & AWSDecodableShape {
        public let accessControlPolicy: S3AccessControlPolicy?

        @inlinable
        public init(accessControlPolicy: S3AccessControlPolicy? = nil) {
            self.accessControlPolicy = accessControlPolicy
        }

        public func validate(name: String) throws {
            try self.accessControlPolicy?.validate(name: "\(name).accessControlPolicy")
        }

        private enum CodingKeys: String, CodingKey {
            case accessControlPolicy = "AccessControlPolicy"
        }
    }

    public struct S3SetObjectLegalHoldOperation: AWSEncodableShape & AWSDecodableShape {
        /// Contains the Object Lock legal hold status to be applied to all objects in the Batch Operations job.
        public let legalHold: S3ObjectLockLegalHold

        @inlinable
        public init(legalHold: S3ObjectLockLegalHold) {
            self.legalHold = legalHold
        }

        private enum CodingKeys: String, CodingKey {
            case legalHold = "LegalHold"
        }
    }

    public struct S3SetObjectRetentionOperation: AWSEncodableShape & AWSDecodableShape {
        /// Indicates if the action should be applied to objects in the Batch Operations job even if they have Object Lock  GOVERNANCE type in place.
        public let bypassGovernanceRetention: Bool?
        /// Contains the Object Lock retention mode to be applied to all objects in the Batch Operations job. For more information, see Using S3 Object Lock retention with S3 Batch Operations in the Amazon S3 User Guide.
        public let retention: S3Retention

        @inlinable
        public init(bypassGovernanceRetention: Bool? = nil, retention: S3Retention) {
            self.bypassGovernanceRetention = bypassGovernanceRetention
            self.retention = retention
        }

        private enum CodingKeys: String, CodingKey {
            case bypassGovernanceRetention = "BypassGovernanceRetention"
            case retention = "Retention"
        }
    }

    public struct S3SetObjectTaggingOperation: AWSEncodableShape & AWSDecodableShape {
        @OptionalCustomCoding<StandardArrayCoder<S3Tag>>
        public var tagSet: [S3Tag]?

        @inlinable
        public init(tagSet: [S3Tag]? = nil) {
            self.tagSet = tagSet
        }

        public func validate(name: String) throws {
            try self.tagSet?.forEach {
                try $0.validate(name: "\(name).tagSet[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case tagSet = "TagSet"
        }
    }

    public struct S3Tag: AWSEncodableShape & AWSDecodableShape {
        /// Key of the tag
        public let key: String
        /// Value of the tag
        public let value: String

        @inlinable
        public init(key: String, value: String) {
            self.key = key
            self.value = value
        }

        public func validate(name: String) throws {
            try self.validate(self.key, name: "key", parent: name, max: 128)
            try self.validate(self.key, name: "key", parent: name, min: 1)
            try self.validate(self.key, name: "key", parent: name, pattern: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$")
            try self.validate(self.value, name: "value", parent: name, max: 256)
            try self.validate(self.value, name: "value", parent: name, pattern: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$")
        }

        private enum CodingKeys: String, CodingKey {
            case key = "Key"
            case value = "Value"
        }
    }

    public struct SSEKMS: AWSEncodableShape & AWSDecodableShape {
        /// A container for the ARN of the SSE-KMS encryption. This property is read-only and follows the following format:  arn:aws:kms:us-east-1:example-account-id:key/example-9a73-4afc-8d29-8f5900cef44e
        public let keyId: String

        @inlinable
        public init(keyId: String) {
            self.keyId = keyId
        }

        private enum CodingKeys: String, CodingKey {
            case keyId = "KeyId"
        }
    }

    public struct SSEKMSEncryption: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) symmetric encryption customer managed key to use for encrypting generated manifest objects.
        public let keyId: String

        @inlinable
        public init(keyId: String) {
            self.keyId = keyId
        }

        public func validate(name: String) throws {
            try self.validate(self.keyId, name: "keyId", parent: name, max: 2000)
            try self.validate(self.keyId, name: "keyId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case keyId = "KeyId"
        }
    }

    public struct SSES3: AWSEncodableShape & AWSDecodableShape {
        public init() {}
    }

    public struct SSES3Encryption: AWSEncodableShape & AWSDecodableShape {
        public init() {}
    }

    public struct Scope: AWSEncodableShape & AWSDecodableShape {
        public struct _PermissionsEncoding: ArrayCoderProperties { public static let member = "Permission" }
        public struct _PrefixesEncoding: ArrayCoderProperties { public static let member = "Prefix" }

        /// You can include one or more API operations as permissions.
        @OptionalCustomCoding<ArrayCoder<_PermissionsEncoding, ScopePermission>>
        public var permissions: [ScopePermission]?
        /// You can specify any amount of prefixes, but the total length of characters of all prefixes must be less than 256 bytes in size.
        @OptionalCustomCoding<ArrayCoder<_PrefixesEncoding, String>>
        public var prefixes: [String]?

        @inlinable
        public init(permissions: [ScopePermission]? = nil, prefixes: [String]? = nil) {
            self.permissions = permissions
            self.prefixes = prefixes
        }

        private enum CodingKeys: String, CodingKey {
            case permissions = "Permissions"
            case prefixes = "Prefixes"
        }
    }

    public struct SelectionCriteria: AWSEncodableShape & AWSDecodableShape {
        /// A container for the delimiter of the selection criteria being used.
        public let delimiter: String?
        /// The max depth of the selection criteria
        public let maxDepth: Int?
        /// The minimum number of storage bytes percentage whose metrics will be selected.  You must choose a value greater than or equal to 1.0.
        public let minStorageBytesPercentage: Double?

        @inlinable
        public init(delimiter: String? = nil, maxDepth: Int? = nil, minStorageBytesPercentage: Double? = nil) {
            self.delimiter = delimiter
            self.maxDepth = maxDepth
            self.minStorageBytesPercentage = minStorageBytesPercentage
        }

        public func validate(name: String) throws {
            try self.validate(self.delimiter, name: "delimiter", parent: name, max: 1)
            try self.validate(self.maxDepth, name: "maxDepth", parent: name, max: 10)
            try self.validate(self.maxDepth, name: "maxDepth", parent: name, min: 1)
            try self.validate(self.minStorageBytesPercentage, name: "minStorageBytesPercentage", parent: name, max: 100.0)
            try self.validate(self.minStorageBytesPercentage, name: "minStorageBytesPercentage", parent: name, min: 0.1)
        }

        private enum CodingKeys: String, CodingKey {
            case delimiter = "Delimiter"
            case maxDepth = "MaxDepth"
            case minStorageBytesPercentage = "MinStorageBytesPercentage"
        }
    }

    public struct SourceSelectionCriteria: AWSEncodableShape & AWSDecodableShape {
        /// A filter that you can use to specify whether replica modification sync is enabled. S3 on Outposts replica modification sync can help you keep object metadata synchronized between replicas and source objects. By default, S3 on Outposts replicates metadata from the source objects to the replicas only. When replica modification sync is enabled, S3 on Outposts replicates metadata changes made to the replica copies back to the source object, making the replication bidirectional. To replicate object metadata modifications on replicas, you can specify this element and set the Status of this element to Enabled.  You must enable replica modification sync on the source and destination buckets to replicate replica metadata changes between the source and the replicas.
        public let replicaModifications: ReplicaModifications?
        /// A filter that you can use to select Amazon S3 objects that are encrypted with server-side encryption by using Key Management Service (KMS) keys. If you include SourceSelectionCriteria in the replication configuration, this element is required.   This is not supported by Amazon S3 on Outposts buckets.
        public let sseKmsEncryptedObjects: SseKmsEncryptedObjects?

        @inlinable
        public init(replicaModifications: ReplicaModifications? = nil, sseKmsEncryptedObjects: SseKmsEncryptedObjects? = nil) {
            self.replicaModifications = replicaModifications
            self.sseKmsEncryptedObjects = sseKmsEncryptedObjects
        }

        private enum CodingKeys: String, CodingKey {
            case replicaModifications = "ReplicaModifications"
            case sseKmsEncryptedObjects = "SseKmsEncryptedObjects"
        }
    }

    public struct SseKmsEncryptedObjects: AWSEncodableShape & AWSDecodableShape {
        /// Specifies whether Amazon S3 replicates objects that are created with server-side encryption by using an KMS key stored in Key Management Service.
        public let status: SseKmsEncryptedObjectsStatus

        @inlinable
        public init(status: SseKmsEncryptedObjectsStatus) {
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case status = "Status"
        }
    }

    public struct StorageLensAwsOrg: AWSEncodableShape & AWSDecodableShape {
        /// A container for the Amazon Resource Name (ARN) of the Amazon Web Services organization. This property is read-only and follows the following format:  arn:aws:organizations:us-east-1:example-account-id:organization/o-ex2l495dck
        public let arn: String

        @inlinable
        public init(arn: String) {
            self.arn = arn
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, max: 1024)
            try self.validate(self.arn, name: "arn", parent: name, min: 1)
            try self.validate(self.arn, name: "arn", parent: name, pattern: "^arn:[a-z\\-]+:organizations::\\d{12}:organization\\/o-[a-z0-9]{10,32}$")
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
        }
    }

    public struct StorageLensConfiguration: AWSEncodableShape & AWSDecodableShape {
        /// A container for all the account-level configurations of your S3 Storage Lens configuration.
        public let accountLevel: AccountLevel
        /// A container for the Amazon Web Services organization for this S3 Storage Lens configuration.
        public let awsOrg: StorageLensAwsOrg?
        /// A container to specify the properties of your S3 Storage Lens metrics export including, the destination, schema and format.
        public let dataExport: StorageLensDataExport?
        /// A container for what is excluded in this configuration. This container can only be valid if there is no Include container submitted, and it's not empty.
        public let exclude: Exclude?
        /// A container for the Amazon S3 Storage Lens configuration ID.
        public let id: String
        /// A container for what is included in this configuration. This container can only be valid if there is no Exclude container submitted, and it's not empty.
        public let include: Include?
        /// A container for whether the S3 Storage Lens configuration is enabled.
        public let isEnabled: Bool
        /// The Amazon Resource Name (ARN) of the S3 Storage Lens configuration. This property is read-only and follows the following format:  arn:aws:s3:us-east-1:example-account-id:storage-lens/your-dashboard-name
        public let storageLensArn: String?

        @inlinable
        public init(accountLevel: AccountLevel, awsOrg: StorageLensAwsOrg? = nil, dataExport: StorageLensDataExport? = nil, exclude: Exclude? = nil, id: String, include: Include? = nil, isEnabled: Bool, storageLensArn: String? = nil) {
            self.accountLevel = accountLevel
            self.awsOrg = awsOrg
            self.dataExport = dataExport
            self.exclude = exclude
            self.id = id
            self.include = include
            self.isEnabled = isEnabled
            self.storageLensArn = storageLensArn
        }

        public func validate(name: String) throws {
            try self.accountLevel.validate(name: "\(name).accountLevel")
            try self.awsOrg?.validate(name: "\(name).awsOrg")
            try self.dataExport?.validate(name: "\(name).dataExport")
            try self.exclude?.validate(name: "\(name).exclude")
            try self.validate(self.id, name: "id", parent: name, max: 64)
            try self.validate(self.id, name: "id", parent: name, min: 1)
            try self.validate(self.id, name: "id", parent: name, pattern: "^[a-zA-Z0-9\\-\\_\\.]+$")
            try self.include?.validate(name: "\(name).include")
            try self.validate(self.storageLensArn, name: "storageLensArn", parent: name, max: 1024)
            try self.validate(self.storageLensArn, name: "storageLensArn", parent: name, min: 1)
            try self.validate(self.storageLensArn, name: "storageLensArn", parent: name, pattern: "^arn:[a-z\\-]+:s3:[a-z0-9\\-]+:\\d{12}:storage\\-lens\\/")
        }

        private enum CodingKeys: String, CodingKey {
            case accountLevel = "AccountLevel"
            case awsOrg = "AwsOrg"
            case dataExport = "DataExport"
            case exclude = "Exclude"
            case id = "Id"
            case include = "Include"
            case isEnabled = "IsEnabled"
            case storageLensArn = "StorageLensArn"
        }
    }

    public struct StorageLensDataExport: AWSEncodableShape & AWSDecodableShape {
        /// A container for enabling Amazon CloudWatch publishing for S3 Storage Lens metrics.
        public let cloudWatchMetrics: CloudWatchMetrics?
        /// A container for the bucket where the S3 Storage Lens metrics export will be located.  This bucket must be located in the same Region as the storage lens configuration.
        public let s3BucketDestination: S3BucketDestination?

        @inlinable
        public init(cloudWatchMetrics: CloudWatchMetrics? = nil, s3BucketDestination: S3BucketDestination? = nil) {
            self.cloudWatchMetrics = cloudWatchMetrics
            self.s3BucketDestination = s3BucketDestination
        }

        public func validate(name: String) throws {
            try self.s3BucketDestination?.validate(name: "\(name).s3BucketDestination")
        }

        private enum CodingKeys: String, CodingKey {
            case cloudWatchMetrics = "CloudWatchMetrics"
            case s3BucketDestination = "S3BucketDestination"
        }
    }

    public struct StorageLensDataExportEncryption: AWSEncodableShape & AWSDecodableShape {
        public let ssekms: SSEKMS?
        public let sses3: SSES3?

        @inlinable
        public init(ssekms: SSEKMS? = nil, sses3: SSES3? = nil) {
            self.ssekms = ssekms
            self.sses3 = sses3
        }

        private enum CodingKeys: String, CodingKey {
            case ssekms = "SSE-KMS"
            case sses3 = "SSE-S3"
        }
    }

    public struct StorageLensGroup: AWSEncodableShape & AWSDecodableShape {
        /// Sets the criteria for the Storage Lens group data that is displayed. For multiple filter conditions, the AND or OR logical operator is used.
        public let filter: StorageLensGroupFilter
        ///  Contains the name of the Storage Lens group.
        public let name: String
        ///  Contains the Amazon Resource Name (ARN) of the Storage Lens group. This property is read-only.
        public let storageLensGroupArn: String?

        @inlinable
        public init(filter: StorageLensGroupFilter, name: String, storageLensGroupArn: String? = nil) {
            self.filter = filter
            self.name = name
            self.storageLensGroupArn = storageLensGroupArn
        }

        public func validate(name: String) throws {
            try self.filter.validate(name: "\(name).filter")
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-zA-Z0-9\\-\\_]+$")
            try self.validate(self.storageLensGroupArn, name: "storageLensGroupArn", parent: name, max: 1024)
            try self.validate(self.storageLensGroupArn, name: "storageLensGroupArn", parent: name, min: 4)
            try self.validate(self.storageLensGroupArn, name: "storageLensGroupArn", parent: name, pattern: "^arn:[a-z\\-]+:s3:[a-z0-9\\-]+:\\d{12}:storage\\-lens\\-group\\/")
        }

        private enum CodingKeys: String, CodingKey {
            case filter = "Filter"
            case name = "Name"
            case storageLensGroupArn = "StorageLensGroupArn"
        }
    }

    public struct StorageLensGroupAndOperator: AWSEncodableShape & AWSDecodableShape {
        public struct _MatchAnyPrefixEncoding: ArrayCoderProperties { public static let member = "Prefix" }
        public struct _MatchAnySuffixEncoding: ArrayCoderProperties { public static let member = "Suffix" }
        public struct _MatchAnyTagEncoding: ArrayCoderProperties { public static let member = "Tag" }

        ///  Contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.
        @OptionalCustomCoding<ArrayCoder<_MatchAnyPrefixEncoding, String>>
        public var matchAnyPrefix: [String]?
        ///  Contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.
        @OptionalCustomCoding<ArrayCoder<_MatchAnySuffixEncoding, String>>
        public var matchAnySuffix: [String]?
        ///  Contains the list of object tags. At least one object tag must be specified. Up to 10 object tags are allowed.
        @OptionalCustomCoding<ArrayCoder<_MatchAnyTagEncoding, S3Tag>>
        public var matchAnyTag: [S3Tag]?
        ///  Contains DaysGreaterThan and DaysLessThan to define the object age range (minimum and maximum number of days).
        public let matchObjectAge: MatchObjectAge?
        ///  Contains BytesGreaterThan and BytesLessThan to define the object size range (minimum and maximum number of Bytes).
        public let matchObjectSize: MatchObjectSize?

        @inlinable
        public init(matchAnyPrefix: [String]? = nil, matchAnySuffix: [String]? = nil, matchAnyTag: [S3Tag]? = nil, matchObjectAge: MatchObjectAge? = nil, matchObjectSize: MatchObjectSize? = nil) {
            self.matchAnyPrefix = matchAnyPrefix
            self.matchAnySuffix = matchAnySuffix
            self.matchAnyTag = matchAnyTag
            self.matchObjectAge = matchObjectAge
            self.matchObjectSize = matchObjectSize
        }

        public func validate(name: String) throws {
            try self.matchAnyTag?.forEach {
                try $0.validate(name: "\(name).matchAnyTag[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case matchAnyPrefix = "MatchAnyPrefix"
            case matchAnySuffix = "MatchAnySuffix"
            case matchAnyTag = "MatchAnyTag"
            case matchObjectAge = "MatchObjectAge"
            case matchObjectSize = "MatchObjectSize"
        }
    }

    public struct StorageLensGroupFilter: AWSEncodableShape & AWSDecodableShape {
        public struct _MatchAnyPrefixEncoding: ArrayCoderProperties { public static let member = "Prefix" }
        public struct _MatchAnySuffixEncoding: ArrayCoderProperties { public static let member = "Suffix" }
        public struct _MatchAnyTagEncoding: ArrayCoderProperties { public static let member = "Tag" }

        /// A logical operator that allows multiple filter conditions to be joined for more complex comparisons of Storage Lens group data. Objects must match all of the listed filter conditions that are joined by the And logical operator. Only one of each filter condition is allowed.
        public let and: StorageLensGroupAndOperator?
        ///  Contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.
        @OptionalCustomCoding<ArrayCoder<_MatchAnyPrefixEncoding, String>>
        public var matchAnyPrefix: [String]?
        ///  Contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.
        @OptionalCustomCoding<ArrayCoder<_MatchAnySuffixEncoding, String>>
        public var matchAnySuffix: [String]?
        ///  Contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.
        @OptionalCustomCoding<ArrayCoder<_MatchAnyTagEncoding, S3Tag>>
        public var matchAnyTag: [S3Tag]?
        ///  Contains DaysGreaterThan and DaysLessThan to define the object age range (minimum and maximum number of days).
        public let matchObjectAge: MatchObjectAge?
        ///  Contains BytesGreaterThan and BytesLessThan to define the object size range (minimum and maximum number of Bytes).
        public let matchObjectSize: MatchObjectSize?
        /// A single logical operator that allows multiple filter conditions to be joined. Objects can match any of the listed filter conditions, which are joined by the Or logical operator. Only one of each filter condition is allowed.
        public let or: StorageLensGroupOrOperator?

        @inlinable
        public init(and: StorageLensGroupAndOperator? = nil, matchAnyPrefix: [String]? = nil, matchAnySuffix: [String]? = nil, matchAnyTag: [S3Tag]? = nil, matchObjectAge: MatchObjectAge? = nil, matchObjectSize: MatchObjectSize? = nil, or: StorageLensGroupOrOperator? = nil) {
            self.and = and
            self.matchAnyPrefix = matchAnyPrefix
            self.matchAnySuffix = matchAnySuffix
            self.matchAnyTag = matchAnyTag
            self.matchObjectAge = matchObjectAge
            self.matchObjectSize = matchObjectSize
            self.or = or
        }

        public func validate(name: String) throws {
            try self.and?.validate(name: "\(name).and")
            try self.matchAnyTag?.forEach {
                try $0.validate(name: "\(name).matchAnyTag[]")
            }
            try self.or?.validate(name: "\(name).or")
        }

        private enum CodingKeys: String, CodingKey {
            case and = "And"
            case matchAnyPrefix = "MatchAnyPrefix"
            case matchAnySuffix = "MatchAnySuffix"
            case matchAnyTag = "MatchAnyTag"
            case matchObjectAge = "MatchObjectAge"
            case matchObjectSize = "MatchObjectSize"
            case or = "Or"
        }
    }

    public struct StorageLensGroupLevel: AWSEncodableShape & AWSDecodableShape {
        ///  Indicates which Storage Lens group ARNs to include or exclude in the Storage Lens group aggregation. If this value is left null, then all Storage Lens groups are selected.
        public let selectionCriteria: StorageLensGroupLevelSelectionCriteria?

        @inlinable
        public init(selectionCriteria: StorageLensGroupLevelSelectionCriteria? = nil) {
            self.selectionCriteria = selectionCriteria
        }

        public func validate(name: String) throws {
            try self.selectionCriteria?.validate(name: "\(name).selectionCriteria")
        }

        private enum CodingKeys: String, CodingKey {
            case selectionCriteria = "SelectionCriteria"
        }
    }

    public struct StorageLensGroupLevelSelectionCriteria: AWSEncodableShape & AWSDecodableShape {
        public struct _ExcludeEncoding: ArrayCoderProperties { public static let member = "Arn" }
        public struct _IncludeEncoding: ArrayCoderProperties { public static let member = "Arn" }

        ///  Indicates which Storage Lens group ARNs to exclude from the Storage Lens group aggregation.
        @OptionalCustomCoding<ArrayCoder<_ExcludeEncoding, String>>
        public var exclude: [String]?
        ///  Indicates which Storage Lens group ARNs to include in the Storage Lens group aggregation.
        @OptionalCustomCoding<ArrayCoder<_IncludeEncoding, String>>
        public var include: [String]?

        @inlinable
        public init(exclude: [String]? = nil, include: [String]? = nil) {
            self.exclude = exclude
            self.include = include
        }

        public func validate(name: String) throws {
            try self.exclude?.forEach {
                try validate($0, name: "exclude[]", parent: name, max: 1024)
                try validate($0, name: "exclude[]", parent: name, min: 4)
                try validate($0, name: "exclude[]", parent: name, pattern: "^arn:[a-z\\-]+:s3:[a-z0-9\\-]+:\\d{12}:storage\\-lens\\-group\\/")
            }
            try self.include?.forEach {
                try validate($0, name: "include[]", parent: name, max: 1024)
                try validate($0, name: "include[]", parent: name, min: 4)
                try validate($0, name: "include[]", parent: name, pattern: "^arn:[a-z\\-]+:s3:[a-z0-9\\-]+:\\d{12}:storage\\-lens\\-group\\/")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case exclude = "Exclude"
            case include = "Include"
        }
    }

    public struct StorageLensGroupOrOperator: AWSEncodableShape & AWSDecodableShape {
        public struct _MatchAnyPrefixEncoding: ArrayCoderProperties { public static let member = "Prefix" }
        public struct _MatchAnySuffixEncoding: ArrayCoderProperties { public static let member = "Suffix" }
        public struct _MatchAnyTagEncoding: ArrayCoderProperties { public static let member = "Tag" }

        ///  Filters objects that match any of the specified prefixes.
        @OptionalCustomCoding<ArrayCoder<_MatchAnyPrefixEncoding, String>>
        public var matchAnyPrefix: [String]?
        /// Filters objects that match any of the specified suffixes.
        @OptionalCustomCoding<ArrayCoder<_MatchAnySuffixEncoding, String>>
        public var matchAnySuffix: [String]?
        /// Filters objects that match any of the specified S3 object tags.
        @OptionalCustomCoding<ArrayCoder<_MatchAnyTagEncoding, S3Tag>>
        public var matchAnyTag: [S3Tag]?
        /// Filters objects that match the specified object age range.
        public let matchObjectAge: MatchObjectAge?
        /// Filters objects that match the specified object size range.
        public let matchObjectSize: MatchObjectSize?

        @inlinable
        public init(matchAnyPrefix: [String]? = nil, matchAnySuffix: [String]? = nil, matchAnyTag: [S3Tag]? = nil, matchObjectAge: MatchObjectAge? = nil, matchObjectSize: MatchObjectSize? = nil) {
            self.matchAnyPrefix = matchAnyPrefix
            self.matchAnySuffix = matchAnySuffix
            self.matchAnyTag = matchAnyTag
            self.matchObjectAge = matchObjectAge
            self.matchObjectSize = matchObjectSize
        }

        public func validate(name: String) throws {
            try self.matchAnyTag?.forEach {
                try $0.validate(name: "\(name).matchAnyTag[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case matchAnyPrefix = "MatchAnyPrefix"
            case matchAnySuffix = "MatchAnySuffix"
            case matchAnyTag = "MatchAnyTag"
            case matchObjectAge = "MatchObjectAge"
            case matchObjectSize = "MatchObjectSize"
        }
    }

    public struct StorageLensTag: AWSEncodableShape & AWSDecodableShape {
        public let key: String
        public let value: String

        @inlinable
        public init(key: String, value: String) {
            self.key = key
            self.value = value
        }

        public func validate(name: String) throws {
            try self.validate(self.key, name: "key", parent: name, max: 128)
            try self.validate(self.key, name: "key", parent: name, min: 1)
            try self.validate(self.key, name: "key", parent: name, pattern: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$")
            try self.validate(self.value, name: "value", parent: name, max: 256)
            try self.validate(self.value, name: "value", parent: name, pattern: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$")
        }

        private enum CodingKeys: String, CodingKey {
            case key = "Key"
            case value = "Value"
        }
    }

    public struct SubmitMultiRegionAccessPointRoutesRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        public struct _RouteUpdatesEncoding: ArrayCoderProperties { public static let member = "Route" }

        /// The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
        public let accountId: String
        /// The Multi-Region Access Point ARN.
        public let mrap: String
        /// The different routes that make up the new route configuration. Active routes return a value of 100, and passive routes return a value of 0.
        @CustomCoding<ArrayCoder<_RouteUpdatesEncoding, MultiRegionAccessPointRoute>>
        public var routeUpdates: [MultiRegionAccessPointRoute]

        @inlinable
        public init(accountId: String, mrap: String, routeUpdates: [MultiRegionAccessPointRoute]) {
            self.accountId = accountId
            self.mrap = mrap
            self.routeUpdates = routeUpdates
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.mrap, key: "Mrap")
            try container.encode(self.routeUpdates, forKey: .routeUpdates)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.mrap, name: "mrap", parent: name, max: 200)
            try self.validate(self.mrap, name: "mrap", parent: name, pattern: "^[a-zA-Z0-9\\:.-]{3,200}$")
            try self.routeUpdates.forEach {
                try $0.validate(name: "\(name).routeUpdates[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case routeUpdates = "RouteUpdates"
        }
    }

    public struct SubmitMultiRegionAccessPointRoutesResult: AWSDecodableShape {
        public init() {}
    }

    public struct Tag: AWSEncodableShape & AWSDecodableShape {
        /// The key of the key-value pair of a tag added to your Amazon Web Services resource. A tag key can be up to 128 Unicode characters in length and is case-sensitive. System created tags that begin with aws: aren’t supported.
        public let key: String
        ///  The value of the key-value pair of a tag added to your Amazon Web Services resource. A tag value can be up to 256 Unicode characters in length and is case-sensitive.
        public let value: String

        @inlinable
        public init(key: String, value: String) {
            self.key = key
            self.value = value
        }

        public func validate(name: String) throws {
            try self.validate(self.key, name: "key", parent: name, max: 128)
            try self.validate(self.key, name: "key", parent: name, min: 1)
            try self.validate(self.key, name: "key", parent: name, pattern: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$")
            try self.validate(self.value, name: "value", parent: name, max: 256)
            try self.validate(self.value, name: "value", parent: name, pattern: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$")
        }

        private enum CodingKeys: String, CodingKey {
            case key = "Key"
            case value = "Value"
        }
    }

    public struct TagResourceRequest: AWSEncodableShape {
        public struct _TagsEncoding: ArrayCoderProperties { public static let member = "Tag" }

        /// The Amazon Web Services account ID that created the S3 resource that you're trying to add tags to or the requester's account ID.
        public let accountId: String
        /// The Amazon Resource Name (ARN) of the S3 resource that you're applying tags to. The tagged resource can be a directory bucket, S3 Storage Lens group or S3 Access Grants instance, registered location, or grant.
        public let resourceArn: String
        /// The Amazon Web Services resource tags that you want to add to the specified S3 resource.
        @CustomCoding<ArrayCoder<_TagsEncoding, Tag>>
        public var tags: [Tag]

        @inlinable
        public init(accountId: String, resourceArn: String, tags: [Tag]) {
            self.accountId = accountId
            self.resourceArn = resourceArn
            self.tags = tags
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.resourceArn, key: "ResourceArn")
            try container.encode(self.tags, forKey: .tags)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, max: 1011)
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, pattern: "^arn:[^:]+:s3(express)?:[^:]")
            try self.tags.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
        }

        private enum CodingKeys: String, CodingKey {
            case tags = "Tags"
        }
    }

    public struct TagResourceResult: AWSDecodableShape {
        public init() {}
    }

    public struct Tagging: AWSEncodableShape {
        /// A collection for a set of tags.
        @CustomCoding<StandardArrayCoder<S3Tag>>
        public var tagSet: [S3Tag]

        @inlinable
        public init(tagSet: [S3Tag]) {
            self.tagSet = tagSet
        }

        public func validate(name: String) throws {
            try self.tagSet.forEach {
                try $0.validate(name: "\(name).tagSet[]")
            }
        }

        private enum CodingKeys: String, CodingKey {
            case tagSet = "TagSet"
        }
    }

    public struct Transition: AWSEncodableShape & AWSDecodableShape {
        /// Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.
        public let date: Date?
        /// Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.
        public let days: Int?
        /// The storage class to which you want the object to transition.
        public let storageClass: TransitionStorageClass?

        @inlinable
        public init(date: Date? = nil, days: Int? = nil, storageClass: TransitionStorageClass? = nil) {
            self.date = date
            self.days = days
            self.storageClass = storageClass
        }

        private enum CodingKeys: String, CodingKey {
            case date = "Date"
            case days = "Days"
            case storageClass = "StorageClass"
        }
    }

    public struct UntagResourceRequest: AWSEncodableShape {
        ///  The Amazon Web Services account ID that owns the resource that you're trying to remove the tags from.
        public let accountId: String
        /// The Amazon Resource Name (ARN) of the S3 resource that you're removing tags from. The tagged resource can be a directory bucket, S3 Storage Lens group or S3 Access Grants instance, registered location, or grant.
        public let resourceArn: String
        ///  The array of tag key-value pairs that you're trying to remove from of the S3 resource.
        public let tagKeys: [String]

        @inlinable
        public init(accountId: String, resourceArn: String, tagKeys: [String]) {
            self.accountId = accountId
            self.resourceArn = resourceArn
            self.tagKeys = tagKeys
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.resourceArn, key: "ResourceArn")
            request.encodeQuery(self.tagKeys, key: "tagKeys")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, max: 1011)
            try self.validate(self.resourceArn, name: "resourceArn", parent: name, pattern: "^arn:[^:]+:s3(express)?:[^:]")
            try self.tagKeys.forEach {
                try validate($0, name: "tagKeys[]", parent: name, max: 128)
                try validate($0, name: "tagKeys[]", parent: name, min: 1)
                try validate($0, name: "tagKeys[]", parent: name, pattern: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$")
            }
            try self.validate(self.tagKeys, name: "tagKeys", parent: name, max: 50)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct UntagResourceResult: AWSDecodableShape {
        public init() {}
    }

    public struct UpdateAccessGrantsLocationRequest: AWSEncodableShape {
        public static let _options: AWSShapeOptions = [.checksumRequired]
        /// The ID of the registered location that you are updating. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.   The ID of the registered location to which you are granting access. S3 Access Grants assigned this ID when you registered the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.   If you are passing the default location, you cannot create an access grant for the entire default location. You must also specify a bucket or a bucket and prefix in the Subprefix field.
        public let accessGrantsLocationId: String
        /// The Amazon Web Services account ID of the S3 Access Grants instance.
        public let accountId: String
        /// The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.
        public let iamRoleArn: String

        @inlinable
        public init(accessGrantsLocationId: String, accountId: String, iamRoleArn: String) {
            self.accessGrantsLocationId = accessGrantsLocationId
            self.accountId = accountId
            self.iamRoleArn = iamRoleArn
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodePath(self.accessGrantsLocationId, key: "AccessGrantsLocationId")
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            try container.encode(self.iamRoleArn, forKey: .iamRoleArn)
        }

        public func validate(name: String) throws {
            try self.validate(self.accessGrantsLocationId, name: "accessGrantsLocationId", parent: name, max: 64)
            try self.validate(self.accessGrantsLocationId, name: "accessGrantsLocationId", parent: name, min: 1)
            try self.validate(self.accessGrantsLocationId, name: "accessGrantsLocationId", parent: name, pattern: "^[a-zA-Z0-9\\-]+$")
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.iamRoleArn, name: "iamRoleArn", parent: name, max: 2048)
            try self.validate(self.iamRoleArn, name: "iamRoleArn", parent: name, min: 1)
            try self.validate(self.iamRoleArn, name: "iamRoleArn", parent: name, pattern: "^arn:[^:]+:iam::\\d{12}:role/")
        }

        private enum CodingKeys: String, CodingKey {
            case iamRoleArn = "IAMRoleArn"
        }
    }

    public struct UpdateAccessGrantsLocationResult: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the registered location that you are updating.
        public let accessGrantsLocationArn: String?
        /// The ID of the registered location to which you are granting access. S3 Access Grants assigned this ID when you registered the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.
        public let accessGrantsLocationId: String?
        /// The date and time when you registered the location.
        public let createdAt: Date?
        /// The Amazon Resource Name (ARN) of the IAM role of the registered location. S3 Access Grants assumes this role to manage access to the registered location.
        public let iamRoleArn: String?
        /// The S3 URI path of the location that you are updating. You cannot update the scope of the registered location. The location scope can be the default S3 location s3://, the S3 path to a bucket s3://, or the S3 path to a bucket and prefix s3:///.
        public let locationScope: String?

        @inlinable
        public init(accessGrantsLocationArn: String? = nil, accessGrantsLocationId: String? = nil, createdAt: Date? = nil, iamRoleArn: String? = nil, locationScope: String? = nil) {
            self.accessGrantsLocationArn = accessGrantsLocationArn
            self.accessGrantsLocationId = accessGrantsLocationId
            self.createdAt = createdAt
            self.iamRoleArn = iamRoleArn
            self.locationScope = locationScope
        }

        private enum CodingKeys: String, CodingKey {
            case accessGrantsLocationArn = "AccessGrantsLocationArn"
            case accessGrantsLocationId = "AccessGrantsLocationId"
            case createdAt = "CreatedAt"
            case iamRoleArn = "IAMRoleArn"
            case locationScope = "LocationScope"
        }
    }

    public struct UpdateJobPriorityRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID associated with the S3 Batch Operations job.
        public let accountId: String
        /// The ID for the job whose priority you want to update.
        public let jobId: String
        /// The priority you want to assign to this job.
        public let priority: Int

        @inlinable
        public init(accountId: String, jobId: String, priority: Int = 0) {
            self.accountId = accountId
            self.jobId = jobId
            self.priority = priority
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.jobId, key: "JobId")
            request.encodeQuery(self.priority, key: "priority")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.jobId, name: "jobId", parent: name, max: 36)
            try self.validate(self.jobId, name: "jobId", parent: name, min: 5)
            try self.validate(self.jobId, name: "jobId", parent: name, pattern: "^[a-zA-Z0-9\\-\\_]+$")
            try self.validate(self.priority, name: "priority", parent: name, max: 2147483647)
            try self.validate(self.priority, name: "priority", parent: name, min: 0)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct UpdateJobPriorityResult: AWSDecodableShape {
        /// The ID for the job whose priority Amazon S3 updated.
        public let jobId: String
        /// The new priority assigned to the specified job.
        public let priority: Int

        @inlinable
        public init(jobId: String, priority: Int) {
            self.jobId = jobId
            self.priority = priority
        }

        private enum CodingKeys: String, CodingKey {
            case jobId = "JobId"
            case priority = "Priority"
        }
    }

    public struct UpdateJobStatusRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID associated with the S3 Batch Operations job.
        public let accountId: String
        /// The ID of the job whose status you want to update.
        public let jobId: String
        /// The status that you want to move the specified job to.
        public let requestedJobStatus: RequestedJobStatus
        /// A description of the reason why you want to change the specified job's status. This field can be any string up to the maximum length.
        public let statusUpdateReason: String?

        @inlinable
        public init(accountId: String, jobId: String, requestedJobStatus: RequestedJobStatus, statusUpdateReason: String? = nil) {
            self.accountId = accountId
            self.jobId = jobId
            self.requestedJobStatus = requestedJobStatus
            self.statusUpdateReason = statusUpdateReason
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            _ = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.jobId, key: "JobId")
            request.encodeQuery(self.requestedJobStatus, key: "requestedJobStatus")
            request.encodeQuery(self.statusUpdateReason, key: "statusUpdateReason")
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.jobId, name: "jobId", parent: name, max: 36)
            try self.validate(self.jobId, name: "jobId", parent: name, min: 5)
            try self.validate(self.jobId, name: "jobId", parent: name, pattern: "^[a-zA-Z0-9\\-\\_]+$")
            try self.validate(self.statusUpdateReason, name: "statusUpdateReason", parent: name, max: 256)
            try self.validate(self.statusUpdateReason, name: "statusUpdateReason", parent: name, min: 1)
        }

        private enum CodingKeys: CodingKey {}
    }

    public struct UpdateJobStatusResult: AWSDecodableShape {
        /// The ID for the job whose status was updated.
        public let jobId: String?
        /// The current status for the specified job.
        public let status: JobStatus?
        /// The reason that the specified job's status was updated.
        public let statusUpdateReason: String?

        @inlinable
        public init(jobId: String? = nil, status: JobStatus? = nil, statusUpdateReason: String? = nil) {
            self.jobId = jobId
            self.status = status
            self.statusUpdateReason = statusUpdateReason
        }

        private enum CodingKeys: String, CodingKey {
            case jobId = "JobId"
            case status = "Status"
            case statusUpdateReason = "StatusUpdateReason"
        }
    }

    public struct UpdateStorageLensGroupRequest: AWSEncodableShape {
        /// The Amazon Web Services account ID of the Storage Lens group owner.
        public let accountId: String
        /// The name of the Storage Lens group that you want to update.
        public let name: String
        /// The JSON file that contains the Storage Lens group configuration.
        public let storageLensGroup: StorageLensGroup

        @inlinable
        public init(accountId: String, name: String, storageLensGroup: StorageLensGroup) {
            self.accountId = accountId
            self.name = name
            self.storageLensGroup = storageLensGroup
        }

        public func encode(to encoder: Encoder) throws {
            let request = encoder.userInfo[.awsRequest]! as! RequestEncodingContainer
            var container = encoder.container(keyedBy: CodingKeys.self)
            request.encodeHeader(self.accountId, key: "x-amz-account-id")
            request.encodeHostPrefix(self.accountId, key: "AccountId")
            request.encodePath(self.name, key: "Name")
            try container.encode(self.storageLensGroup, forKey: .storageLensGroup)
        }

        public func validate(name: String) throws {
            try self.validate(self.accountId, name: "accountId", parent: name, max: 64)
            try self.validate(self.accountId, name: "accountId", parent: name, pattern: "^\\d{12}$")
            try self.validate(self.name, name: "name", parent: name, max: 64)
            try self.validate(self.name, name: "name", parent: name, min: 1)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[a-zA-Z0-9\\-\\_]+$")
            try self.storageLensGroup.validate(name: "\(name).storageLensGroup")
        }

        private enum CodingKeys: String, CodingKey {
            case storageLensGroup = "StorageLensGroup"
        }
    }

    public struct VersioningConfiguration: AWSEncodableShape {
        /// Specifies whether MFA delete is enabled or disabled in the bucket versioning configuration for the S3 on Outposts bucket.
        public let mfaDelete: MFADelete?
        /// Sets the versioning state of the S3 on Outposts bucket.
        public let status: BucketVersioningStatus?

        @inlinable
        public init(mfaDelete: MFADelete? = nil, status: BucketVersioningStatus? = nil) {
            self.mfaDelete = mfaDelete
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case mfaDelete = "MfaDelete"
            case status = "Status"
        }
    }

    public struct VpcConfiguration: AWSEncodableShape & AWSDecodableShape {
        /// If this field is specified, this access point will only allow connections from the specified VPC ID.
        public let vpcId: String

        @inlinable
        public init(vpcId: String) {
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.validate(self.vpcId, name: "vpcId", parent: name, max: 1024)
            try self.validate(self.vpcId, name: "vpcId", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case vpcId = "VpcId"
        }
    }

    public struct JobManifestGenerator: AWSEncodableShape & AWSDecodableShape {
        /// The S3 job ManifestGenerator's configuration details.
        public let s3JobManifestGenerator: S3JobManifestGenerator?

        @inlinable
        public init(s3JobManifestGenerator: S3JobManifestGenerator? = nil) {
            self.s3JobManifestGenerator = s3JobManifestGenerator
        }

        public func validate(name: String) throws {
            try self.s3JobManifestGenerator?.validate(name: "\(name).s3JobManifestGenerator")
        }

        private enum CodingKeys: String, CodingKey {
            case s3JobManifestGenerator = "S3JobManifestGenerator"
        }
    }

    public struct ObjectLambdaContentTransformation: AWSEncodableShape & AWSDecodableShape {
        /// A container for an Lambda function.
        public let awsLambda: AwsLambdaTransformation?

        @inlinable
        public init(awsLambda: AwsLambdaTransformation? = nil) {
            self.awsLambda = awsLambda
        }

        public func validate(name: String) throws {
            try self.awsLambda?.validate(name: "\(name).awsLambda")
        }

        private enum CodingKeys: String, CodingKey {
            case awsLambda = "AwsLambda"
        }
    }
}

// MARK: - Errors

/// Error enum for S3Control
public struct S3ControlErrorType: AWSErrorType {
    enum Code: String {
        case badRequestException = "BadRequestException"
        case bucketAlreadyExists = "BucketAlreadyExists"
        case bucketAlreadyOwnedByYou = "BucketAlreadyOwnedByYou"
        case idempotencyException = "IdempotencyException"
        case internalServiceException = "InternalServiceException"
        case invalidNextTokenException = "InvalidNextTokenException"
        case invalidRequestException = "InvalidRequestException"
        case jobStatusException = "JobStatusException"
        case noSuchPublicAccessBlockConfiguration = "NoSuchPublicAccessBlockConfiguration"
        case notFoundException = "NotFoundException"
        case tooManyRequestsException = "TooManyRequestsException"
        case tooManyTagsException = "TooManyTagsException"
    }

    private let error: Code
    public let context: AWSErrorContext?

    /// initialize S3Control
    public init?(errorCode: String, context: AWSErrorContext) {
        guard let error = Code(rawValue: errorCode) else { return nil }
        self.error = error
        self.context = context
    }

    internal init(_ error: Code) {
        self.error = error
        self.context = nil
    }

    /// return error code string
    public var errorCode: String { self.error.rawValue }

    public static var badRequestException: Self { .init(.badRequestException) }
    /// The requested Outposts bucket name is not available. The bucket namespace is shared by all users of the Outposts in this Region. Select a different name and try again.
    public static var bucketAlreadyExists: Self { .init(.bucketAlreadyExists) }
    /// The Outposts bucket you tried to create already exists, and you own it.
    public static var bucketAlreadyOwnedByYou: Self { .init(.bucketAlreadyOwnedByYou) }
    public static var idempotencyException: Self { .init(.idempotencyException) }
    public static var internalServiceException: Self { .init(.internalServiceException) }
    public static var invalidNextTokenException: Self { .init(.invalidNextTokenException) }
    public static var invalidRequestException: Self { .init(.invalidRequestException) }
    public static var jobStatusException: Self { .init(.jobStatusException) }
    /// Amazon S3 throws this exception if you make a GetPublicAccessBlock request against an account that doesn't have a PublicAccessBlockConfiguration set.
    public static var noSuchPublicAccessBlockConfiguration: Self { .init(.noSuchPublicAccessBlockConfiguration) }
    public static var notFoundException: Self { .init(.notFoundException) }
    public static var tooManyRequestsException: Self { .init(.tooManyRequestsException) }
    /// Amazon S3 throws this exception if you have too many tags in your tag set.
    public static var tooManyTagsException: Self { .init(.tooManyTagsException) }
}

extension S3ControlErrorType: Equatable {
    public static func == (lhs: S3ControlErrorType, rhs: S3ControlErrorType) -> Bool {
        lhs.error == rhs.error
    }
}

extension S3ControlErrorType: CustomStringConvertible {
    public var description: String {
        return "\(self.error.rawValue): \(self.message ?? "")"
    }
}
